The following is the tutorial column of Empire cms secondary development to introduce to you the optimization and sharing of the security settings of Empire cms. I hope it will be helpful to friends in need!
First of all, let’s get to know the security authentication features of Empire CMS:
Four-layer security verification for Empire login:
The first level: password Double MD5 encryption, the password cannot be cracked, and if the database is downloaded, the real password cannot be obtained.
Second level: Backend directory customization. If the other party knows the password, it cannot find the login backend.
Third level: If you know the password and backend directory, you cannot know the authentication code. The authentication code stores the .php file and you must log in to FTP to view the file content.
Fourth level: Backend login supports custom-specified independent domain names. You cannot log in to the backend without using the specified domain name.
Empire COOKIE Information Five-layer Security Authentication:
The first level: System verification uses random password authentication. A new random password will be generated every time you log in or log out. There is no pattern to be found, and the authentication Using database COOKIE double authentication, it is safe and reliable.
Second stage: Backend login verification COOKIE variable prefix is customized. If you don’t even know the variable name, you cannot simulate COOKIE packet sending.
Third level: COOKIE information is verified using COOKIE authentication code, and information encryption uses double md5 encryption. The COOIE authentication code cannot be cracked, and the .php file containing the COOIE authentication code must be logged in to FTP to view the file content.
Fourth level: COOKIE information is bound to the login IP for authentication. If the COOKIE information is completely obtained and the random password is not changed, the authentication cannot be passed even if the login IP is not known.
Fifth level: Use files to verify whether the user is logged in. If the COOKIE information is completely obtained and the random password has not been changed, and the IP of the login is also known, the user will not be able to pass the authentication even if he is not online.
Let’s introduce how to set up the Empire CMS to be safe and optimized:
(Note: The following options are not required settings, they are just optimization suggestions.)
php configuration file php.ini settings:
1, magic_quotes_gpc is set to On
Magic quotes, it is recommended to turn this on.
2. Register_globals is set to Off
PHP global variable. It is recommended to turn this off.
3. Set display_errors to Off
Do not display PHP error prompts. This setting has little impact on system security.
Imperial website management system settings:
1. Modify the table prefix during installation
It is recommended to modify the table prefix when installing Imperial CMS.
2. When installing and initializing the administrator account, do not use common ones such as admin as the administrator user name.
3. Set the administrator password to more than 6 characters
The password consists of letters, numbers, underscores and special characters.
4. Set the login authentication code during installation
If the authentication code is not set during installation, you can modify the content of the "$do_loginauth" variable in the e/class/config.php file. (It is recommended to edit with Dreamweaver to prevent UTF8 encoded files from being converted to GBK)
5. Rename the background management directory /e/admin
Rename admin to something that is not easy to guess and good Remember the directory name.
6. Set the background verification login IP
In order to take care of users whose Internet IP changes at any time, the login IP is not verified by default. If you want to enable login IP verification, you can modify e/class/config.php The value of the "$do_ckhloginip" variable in the file is set to 1. (It is recommended to edit with Dreamweaver to prevent UTF8 encoded files from being converted to GBK)
7. When exiting the system, click the exit login link in the background to exit
Click to exit and log in. The system will automatically generate a new Random password (to prevent the leakage of locally saved COOKIE information due to computer poisoning or network hijacking, and generating a new random password can invalidate the leaked COOKIE information).
8. Enable website security firewall.
For more imperial cms technical articles, please visit the Empire cms column!
The above is the detailed content of Imperial cms security settings optimization sharing. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
SublimeText3 English version
Recommended: Win version, supports code prompts!
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
SublimeText3 Linux new version
SublimeText3 Linux latest version
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
