When running a website, the webmaster's most likely headache is finding that the site has been hacked. In fact, if the website's directory permissions are set in advance, the site can be guaranteed to withstand most exploits. This article describes how to set file directory and database permissions. Setting permissions is not difficult; following the steps in this article will greatly improve the security of the site.
How to set website directory permissions
Most websites are built on a program. Set the system management directories to be readable and executable but not writable. Set the directories that hold static files, image files and template files to be readable and writable but not executable. Once permissions are assigned this clearly, even if the system is compromised, an intruder can only browse the files and cannot directly operate on them.
For files that can execute scripts, it is best to set permissions that allow reading but not writing (as shown in the figure), and for files that need to be written, to set them so that they cannot execute scripts. With directory permissions configured like this, the security of the website system will be greatly improved.
Database permissions should also be set carefully
For a website, the database is the core of the site: all of the site's content is stored in it, so database security also deserves attention. For a MySQL database, it is best not to let the website use the root account directly. Instead, create a separate database account for each site, limit its privileges to operations on that site's own database, and remove the FILE and EXECUTE privileges from these separate MySQL accounts. Then, even if the site suffers SQL injection, the attacker only reaches the database level and cannot obtain privileges over the entire database server. In this way, as long as the website's database is backed up frequently, the database is rarely invaded.
Another thing to note is that since many website systems do not use database stored procedures, it is best to disable privileges such as FILE and EXECUTE, which are used to execute stored procedures or perform file operations.
Tip: For an Access database, you can change the storage location of the database file, preferably to a more hidden directory, which keeps the database file from being maliciously detected and downloaded. In addition, some programs support changing the file suffix; for example, renaming the .mdb database file to a .asa suffix can also effectively protect the database.
Deleting Unwanted Files
Many content management systems contain files that are no longer needed once the site is set up. The most common are the system installation files, usually named install.php or install.asp. If there is a similar file in your space, delete it now.
In addition, some CMSs include many features, such as a question-and-answer system, that the website often never uses. In that case it is recommended to delete the directories of these features, or to keep only the static HTML pages and then set the directory to read-write but not executable.
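A read-only audit of the rules above (script files not writable, writable content directories free of scripts, installer files removed), as an added example that is not part of the original article. It assumes a POSIX host where the web server is not the file owner; `audit_webroot`, `build_demo_tree`, the finding labels and the sample tree are hypothetical names and constructed data.

```python
import os
import stat
import tempfile

SCRIPT_EXT = {".php", ".asp"}                 # script types named in the article
INSTALLERS = {"install.php", "install.asp"}   # installer names from the article

def audit_webroot(root, content_dirs, write_mask=0o022):
    """Return sorted (finding, relative_path) pairs for files under root.

    content_dirs: directories (relative to root) meant to be writable but
    never to run scripts. write_mask: write bits that count as "writable";
    the default (group/other) assumes the web server is not the file owner.
    """
    findings = set()
    content = [os.path.normpath(d) for d in content_dirs]
    for dirpath, _dirs, files in os.walk(root):
        rel_dir = os.path.normpath(os.path.relpath(dirpath, root))
        in_content = any(rel_dir == c or rel_dir.startswith(c + os.sep) for c in content)
        for name in files:
            rel = os.path.normpath(os.path.join(rel_dir, name))
            is_script = os.path.splitext(name)[1].lower() in SCRIPT_EXT
            mode = stat.S_IMODE(os.lstat(os.path.join(dirpath, name)).st_mode)
            if name.lower() in INSTALLERS:
                findings.add(("leftover-installer", rel))
            if is_script and in_content:
                findings.add(("script-in-writable-dir", rel))
            elif is_script and mode & write_mask:
                findings.add(("writable-script", rel))
    return sorted(findings)

def build_demo_tree(root):
    """Constructed sample site: (relative path, mode) pairs, not real data."""
    sample = [("index.php", 0o444), ("admin/config.php", 0o666),
              ("install.php", 0o444), ("uploads/logo.png", 0o644),
              ("uploads/avatar.php", 0o644)]
    for rel, mode in sample:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("placeholder\n")
        os.chmod(path, mode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_demo_tree(tmp)
        for finding, rel in audit_webroot(tmp, ["uploads"]):
            print(f"{finding:24} {rel}")
```

Pass `write_mask=0o222` when the web server runs as the owner of the site files, so that owner-writable scripts are reported as well.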