Home > Article > CMS Tutorial > How to prevent theft of DedeCMS template
How to prevent theft of DedeCMS template?
One of the anti-theft methods of DedeCMS template is system file repair method:
System file patching method is a bit more troublesome. It also requires a certain degree of familiarity with the DedeCMS system before this is recommended. Because the templates we make are often not comprehensive. For example, when our website only has article models, we usually don’t make styles for other models (such as software, shopping malls, photo albums, etc.), so here we In this case, when a user accesses a file path that does not exist, the template directory of the website may be exposed.
Recommendation: "dedecms usage tutorial"
Then our solution is to delete the prompts in the specific files (finally comment through PHP comments) , for example, in the content page parsing file (/include /arc.archives.class.php), there is the following paragraph:
The following is the quoted content:
The code is as follows:
if(!file_exists($tempfile)||!is_file($tempfile)) { echo “文档ID:{$this->Fields[‘id’]} - {$this->TypeLink->TypeInfos[‘typename’]} - {$this->Fields[‘title’]}”; echo “模板文件不存在,无法解析文档!”; exit(); }
Then you can comment them out, such as:
The following is the quoted content:
The code is as follows:
if(!file_exists($tempfile)||!is_file($tempfile)) { // echo “文档ID:{$this->Fields[‘id’]} - {$this->TypeLink->TypeInfos[‘typename’]} - {$this->Fields[‘title’]}”; // echo “模板文件不存在,无法解析文档!”; exit(); }
Dream Weaver Template Anti-theft method two: warehousing template content:
This method is more convenient than the previous one. To put it simply, it is loaded using the custom tag (mytag) of the DedeCMS system. The specific implementation method is to create a new custom tag (mytag), and then copy all the code in the template file we need to hide into the content of the custom tag.
Then, clear all the code in the template file that needs to be hidden just now and replace it with the following code:
The following is the quoted content:
The code is as follows:
{dede:mytag name=‘list’ ismake=‘yes’/}
The list in bold red is the tag name of the custom tag (mytag)! In this way, even if someone guesses the template path, the template will be unusable after downloading. Because it cannot know the specific content of your macro tag, this specific content has been stored in the database.
This method can basically complete the hiding of the template, and it is also recommended that everyone adopt this method.
Dreamweaver template anti-theft method No. 3 301 redirect jump:
This is simpler and more effective than the above two methods, but it has special effects on your server environment. Requirements: Must support custom configuration of .htaccess or httpd.ini - URL rewriting technology. We take .htaccess as an example. For example, if your template directory is: /templets/xuewl_com/, then you can use the following code to perform 301 redirection:
The code is as follows:
RewriteEngineOn RewriteBase/ ErrorDocument404/ RewriteRule templets/xuewl_com /
Nginx 301 redirect domain name:
Add the following code to the Nginx extension settings (server section):
The code is as follows:
location ~*^/templets { rewrite ^/templets/(.*)$ http://noniu.com permanent; }
Among them, http://noniu.com is yours The URL you want to jump to.
Dream Weaver Template Anti-Theft Method 4: File 403 prohibition method:
403 method is to prohibit directory files from being read, and the host needs to support .htaccess files. We know that Dreamweaver's templates are files with the .htm suffix. As long as the browser is prohibited from loading .htm files in templets, template theft prevention can be achieved. The specific method is to place an .htaccess file in the templets folder. The content of the .htaccess file is as follows:
The code is as follows:
<Files *.html> Order Allow,Deny Deny from all
The above is the detailed content of How to prevent theft of DedeCMS template. For more information, please follow other related articles on the PHP Chinese website!