"System Settings" > "Website Firewall". 2. Modify the e/class/config.php file configuration."/> "System Settings" > "Website Firewall". 2. Modify the e/class/config.php file configuration.">
search
HomeCMS TutorialEmpire CMSAbout the features of Imperial CMS 6.5: Instructions for using website security firewall

The following tutorial column of Empire cms will introduce to you how to use the website firewall in Imperial cms. I hope it will be helpful to friends in need!

About the features of Imperial CMS 6.5: Instructions for using website security firewall

This article explains how to use the website firewall:

1. There are two methods to configure the "website firewall":

1 ,Backstage>"System Settings">"Website Firewall".

2. Modify the e/class/config.php file configuration.

2. The following explains the function and use of related settings:

About the features of Imperial CMS 6.5: Instructions for using website security firewall

1. Firewall encryption key:

This item must be set , fill in any 10 to 50 characters, preferably a combination of characters.

And it is recommended to change it once a week or every month.

2. Domain name that allows backend login:

Set the domain name that only allows access to the backend. The domain name is bound to the root directory of the website. Only access to the e/admin backend through this domain name is allowed. . Generally, the domain name can be the second-level domain name of the website. If you want to be more safe, you can also bind a new second-level domain name to the domain name. For example: website domain name: http://www.phome.net, and to access the backend domain name, use http://abc.digod.com

and the bound domain name also supports adding ports, such as: http: //abc.phome.net:8080, provided that the server supports using this port to access the website.

After binding the domain name (http://abc.digod.com), the access backend address is: http://abc.digod.com/e/admin/, while accessing the backend through other domain names is: blank.

3. The time point when logging into the backend and the week when logging into the backend are allowed:

Convenient unit settings during working hours, making it easier to control website security maintenance and preventing users from working during working hours Go backstage.

If there is an emergency exception, you can manually modify the e/class/config.php file configuration.

4. The firewall background pre-login verification variable name and the firewall background pre-login authentication code

must be set.

Pre-login verification variable name: It can be composed of English letters and numbers (must start with a letter), and consists of 5 to 20 characters.

Pre-login authentication code: fill in any 10 to 50 characters, preferably a combination of characters.

And it is recommended to change it once a week or every month.

5. Block submission of sensitive characters:

This function is the core of the security firewall and can safely filter all information entered by front-end users. Usually set the relevant characters for PHP, MySQL and other attacks.

For example: characters commonly used in sql injection: select, outfile, union, delete, insert, update, replace, sleep, benchmark, load_file, create

More imperial cms technical articles , please visit the Empire cms secondary development column!

The above is the detailed content of About the features of Imperial CMS 6.5: Instructions for using website security firewall. For more information, please follow other related articles on the PHP Chinese website!

Statement
This article is reproduced at:csdn. If there is any infringement, please contact admin@php.cn delete

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

WebStorm Mac version

WebStorm Mac version

Useful JavaScript development tools

mPDF

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

EditPlus Chinese cracked version

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function

DVWA

DVWA

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software

SublimeText3 English version

SublimeText3 English version

Recommended: Win version, supports code prompts!