How to set directory permissions on the DEDECMS website system

How to set the system directory permissions of DEDECMS website?

If your website data is very important (forget about the garbage dump that can be repaired in two days), it is recommended to strictly set it up according to the security steps mentioned in this article.

Recommended learning: 梦Weavercms

1. Directory permissions

We do not recommend that users set the column directory at the root Directory, the reason is that it will be very troublesome to set up security in this way. By default, after the installation is completed, the directory settings are as follows:

(1) data, templets, uploads, a or 5.3 html directory, settings Readable, writable, non-executable permissions;

(2) If you don’t need a special topic, it is recommended to delete the special directory. If you need it, you can delete special/index.php after generating HTML and set this directory to be readable and writable. , non-executable permissions;

(3) include, member, plus, and background management directories are set to executable scripts, which are readable but not writable (with additional modules installed, book, ask, company, The group directory is also set up in this way).

2. Other issues that need attention

(1) Although the install directory has been strictly processed, for the sake of safety, we still recommend deleting it;

( 2) Do not directly use the MySQL root user's permissions on the website. Set up an independent MySQL user account for each website. The permissions are:

SELECT, INSERT , UPDATE , DELETE 
CREATE , DROP , INDEX , ALTER , CREATE TEMPORARY TABLES

Since DEDE does not use stored procedures anywhere, be sure to disable FILE, EXECUTE and other permissions to perform stored procedures or file operations.

3. How to set the permissions of the directory?

For users who can use Linux, I believe most of them already know these things.

(1) Set the directory to be read-only

(2) Set the directory to not allow execution

Set not to allow script execution

In addition, you need to pay attention to issues Yes, regardless of IIS or Apache, do not add .php and .inc files to mime, otherwise the system will prohibit downloading of these files.

The above is the detailed content of How to set directory permissions on the DEDECMS website system. For more information, please follow other related articles on the PHP Chinese website!