Some hidden dangers of Dedecms and how to prevent risks

The actual code is longer than the one intercepted above, but it is a duplication of this code. As for the log.php code, it is similar to this one, with only one sentence, simple and clear. If you have a little knowledge of network security, you will know that it is a PHP trojan. You can use some specified tools to execute this code. It is expected to be a password cracking function.

Now that we know what kind of vulnerability the other party uses and what principle the other party uses to exploit the vulnerability, how can we prevent these dangerous things from happening? After consulting a large amount of information, I preliminarily sorted out the following steps to prevent vulnerability from being exploited, hoping to help webmaster friends who also apply to dedecms.

1、 Patch the upgraded version and set directory permissions

This is the official solution to this problem. No matter what version of dedecms you use, you should upgrade the version in the background in time to automatically update the patch. This is the most important step to avoid the vulnerability being exploited; At the same time, the official also provides the method of setting the directory, mainly setting data, templets, uploads, and a as read-write and non executable permissions; Include, member, plus, background management directory, etc. are set to executable, readable and non writable permissions; Delete the install and special directories. See the official instructions for specific settings.

2、 Modify admin account and password

Hackers may use the default admin account and then speculate about the password to crack it, so it is very important to modify the default admin account. As for how to modify it, there are many methods. It is more effective to log in to the website database with phpadmin, find the dede_admin database table (dede is the prefix of the database table), and modify the userid and pwd, The password must be changed to f297a57a5a743894a0e4, which is the default password admin; After modification, go to the background to log in, and change the password after logging in to the background.

3、 Other noteworthy points

As for more details, we should also pay attention not to choose too cheap space as far as possible. Too cheap space is prone to security problems of the server itself. As long as the server has problems, the entire website under the server will be hopeless. Also, if it is unnecessary, try not to open membership registration, which is troublesome to use; As for the background directory of the website, do not write it in robots. txt. At the same time, change it at least once a month. The administrator password and other passwords should also be changed to avoid being speculated to be the same as other account passwords.

After several instances of websites being attacked, we have to say that the Internet is not a network that can sleep in peace. As a webmaster, a web weaver, we should pay more attention to network security; As long as these preventive measures are taken as required, not to mention 100%, at least 95% of them may not be able to successfully obtain background permissions.