dedecms security issue has been criticized by the majority of users webmasters, blog it also empathy, a little neglect security can easily be black, tampering with web pages, black chain linked to other issues one by one, so the dedecms effectively modify security settings is extremely important, here he is a few blog dedecms security settings recommended in weaving dreams taken from the CMS help Center.
Database Security
dedecms use the mysql database, Mysql database information do not set too simple, does not recommend using the root user, create a new user alone and give: SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER, CREATE TEMPORARY TABLES permissions, database password too complicated.
Delete the install directory installation
Dedecms After the installation is complete, the installation directory website root directory install / no effect, in order to prevent others using it is best to install delete the entire folder.
Modify Admin directory
dedecms default Admin directory is dede, a hacker can easily be learned, it is proposed to modify Admin directory folders, FTP login to dede / files in the web root folder rename, change to another name. After landing back modify the URL that is: http: // domain / modified folder name /login.php
Setting directory permissions
For data /, templets /, uploads /, a / site directory folder to 644 can read and write can not execute permissions. Where the a / directory is the default save path HTML document, if any modification, please set the directory modified file folders.
To include /, member /, plus /, dede / site directory folder to 755 readable executable is not writable permissions. Where Admin directory (default dede), can modify.
Delete useless directories
Many owners use dedecms building site and did not open the membership function, special function, if it is confirmed without the use of members of the topic, you can simply remove the website root directory of member, special directory.
Modify the account password
Many owners accustomed to using admin as the user name, password is also set relatively simple, which is affecting the site security, the administrator account password to try to set up complex new channel manager can publish articles, and given only to the relevant authority.
Regular backups
Backup is always the best guarantee, once the site was hacked or deleted site can be restored for the first time, to minimize losses. Recommend dedecms owners regularly backup site directories and databases, and files in the background check, virus scanning, system bug fixes, identify problems and fix as soon as possible.
The above points are set, their dedecms basic website can guarantee security, it will not easily be hacked.