织梦去除一切自带后门和破绽的办法

DEDECMS去除所有自带后门和漏洞的方法(DEDE安装之后需要做的事)

Dedecms安全步骤，安装之后的操作

1 将文件夹dede改名为其他，比如 /dede58.com/

2 搜索ad.dedecms.com，文件\templets\login_ad.htm

删除如下这一段：

3 继续搜索ad.dedecms.com，文件 \templets\

index_body.htm 删除如下这一段：

</p> <p> 4 搜索 api.dedecms.com，</p> <p> 5 函数 api_fopen(),PostHost(),SendData()</p> <p> 6 文件test_env.php会导致服务器死机，在文件开头部分增加这一段：</p> <p> $hashKey = ‘www.dede58.com’;</p> <p> if(!($hash && $hash == $hashKey))</p> <p> {</p> <p> echo ‘</p> <p> 测服务器文件权限</a>';</p> <p> exit();</p> <p> }</p> <p> 7 文件 \module_main.php，注释掉这两段，</p> </p> <p> 他们会向dedecms官网发送卸载或安装插件的信息，如果你的服务器不是很好，或不支持采集（下载），那么会卡死！去掉。</p> <p> 321行//SendData($hash);</p> <p> 527行//SendData($hash,2);</p> </p> <p> 8 文件\include\taglib\flink.lib.php 去除从这里开始</p> <p> 的这一段，因为如果你的网站空间配置不太好或者甚至不支持采集，那么很可能卡死：</p> <p> else if($typeid == 999)</p> <p> {</p> <p> }</p> <p> 9 文件 \include\dedemodule.class.php 为什么管理模</p> <p> 块总是打不开的原因，在于这里，每30分钟向官网检测一次版本，所以你的网站不支持采</p> </p> <p> 集或配置太低，卡死！</p> <p> if(file_exists($cachefile) && (filemtime($cachefile) + 60 * 30) > time()) 修改为</p> <p> if(file_exists($cachefile) && filesize($cachefile) > 10)</p> <p> 10 文件 \include\dedesql.class.php，</p> <p> 去掉这一段，他会给网站加友情链接：</p> <p> $arrs1 = array(0x63,0x66,0x67,0x5f,0x70,0x6f,0x77,0x65,0x72,0x62,0x79);</p> <p> $arrs2 = array(0x20,0x3c,0x61,0x20,0x68,0x3d,0x74,0x3a,0x2f,</p> <p> 0x77,0x2e,0x64,0x63,0x6d,0x73,</p> <p> 0x67,0x27,0x6c,0x6e,0x6b,0x3e,0x50,</p> <p> 0x62,0x79,0x44,0x43,0x3e);</p> <p> //特殊操作</p> </p> <p> 11 文件 \include\common.func.php，加版权的，可以去掉：</p> <p> $arrs1 = array(0x63,</p> <p> 0x74,</p> <p> 0x6d,</p> <p> 0x6f,0x3e);</p> </p> <p> 12 删除根目录下的 install 文件夹</p> <p> 13 删除根目录下的 member文件夹</p> <p> 14 删除根目录下的 plus 文件夹下除 list.php view.php count.php之</p> <p> 外的其他所有php文件！</p> </p> <p> 15 后台设置，关闭会员功能</p> <p> 16 后台设置，修改水印文件。上传新的水印文件到/data/mark</p> <p> 17 修改根目录下的 favicon.ico为自己的</p> <p> 对比其他CMS，dedecms简单方便实用友好。唯一的缺点：安全性不高</p> <p> （相对其他CMS）。</p> </p> <p> 帝国CMS对比dedecms的不足之处，后台不友好，使用操作不方便。</p> <p> 编辑器还是原始的fckeditor，漏洞很多。模板不好制作。</p> <p> 18 修改 data文件夹名称为 data#7080，这一步非常关键</p> <p> 之后在data#7080 文件夹中加入 .htaccess ，文件内容 deny from all</p> <p> 之后需要修改首页文件/index.php，全局公用引入文件/include/comm.inc.php ，</p> <p> 将/data其中的/data全部替换为 /data#7080</p> <p> 之后修改整个项目文件中的/data，勾选“匹配整个词语”，替换为 /data#7080。</p> <p> （注意，如果没有将/include/data 目录改名为 /include/data#7080，</p> <p> 那么需要手动检查替换，以免错误）。</p> <p> 19 在/include 目录中加入 .htaccess，内容 deny from all。</p> <p></p></p> </div> <div class="single-credit"> 本文来自网络，不代表青岛站长网立场。转载请注明出处： <a href="https://www.0532zz.com/html/zhonghe/cms/20210330/17946.html">https://www.0532zz.com/html/zhonghe/cms/20210330/17946.html</a> </div> <div class="entry-footer clear"> <div class="entry-footer-right"> </div> </div> <div class="entry-bottom clear"> <div class="entry-tags"> <span class="tag-links"><span>标签:</span><a href="https://www.0532zz.com/html/tag/dede%e6%95%99%e7%a8%8b" rel="tag">dede教程</a> <a href="https://www.0532zz.com/html/tag/%e7%bb%87%e6%a2%a6%e6%95%99%e7%a8%8b" rel="tag">织梦教程</a></span> </div> </div> </article> <div class="post-nav clear"> <div class="post-nav-previous"><i class="fa fa-angle-left"></i> 上一篇<a href="https://www.0532zz.com/html/zhonghe/cms/20210330/17947.html" rel="next">织梦后台登陆后又返回登陆界面怎么办</a></div> <div class="post-nav-next">下一篇 <i class="fa fa-angle-right"></i><a href="https://www.0532zz.com/html/zhonghe/cms/20210330/17945.html" rel="prev">织梦判断某字段为空就显示自定义的内容</a></div> </div> <div class="author-box clear"> <a href="https://www.0532zz.com/html/author/dawei"><img alt='' src='https://gravatar.wpfast.org/avatar/b955b202a225926a334dc812467c1fa8?s=120&d=mm&r=g' srcset='https://gravatar.wpfast.org/avatar/b955b202a225926a334dc812467c1fa8?s=240&d=mm&r=g 2x' class='avatar avatar-120 photo' height='120' width='120' decoding='async'/></a> <div class="author-meta"> <h4 class="author-name">作者: <span class="hover-underline"><a target="_blank" href="https://www.0532zz.com/html/author/dawei">dawei</a></span></h4> <div class="author-desc"> 【声明】：青岛站长网内容转载自互联网，其相关言论仅代表作者个人观点绝非权威，不代表本站立场。如您发现内容存在版权问题，请提交相关链接至邮箱：bqsm@foxmail.com，我们将及时予以处理。 </div> </div> </div> <div class="entry-related clear"> <h3 class="section-title">为您推荐</h3> <div class="related-loop clear"> <div class="hentry ht_grid_1_3"> <a class="thumbnail-link" href="https://www.0532zz.com/html/zhonghe/cms/20210330/18189.html" target="_blank"> <div class="thumbnail-wrap"> <img src="https://www.0532zz.com/wp-content/themes/damenhu/thumb.php?src=http://www.0532zz.com/wp-content/uploads/2022/01/7.jpg&w=300&h=180" alt="织梦channel标签增加limit(属性)功能"/> </div> </a> <h2 class="entry-title"><a href="https://www.0532zz.com/html/zhonghe/cms/20210330/18189.html" target="_blank">织梦channel标签增加limit(属性)功能</a></h2> </div> <div class="hentry ht_grid_1_3"> <a class="thumbnail-link" href="https://www.0532zz.com/html/zhonghe/cms/20210330/18188.html" target="_blank"> <div class="thumbnail-wrap"> <img src="https://www.0532zz.com/wp-content/themes/damenhu/thumb.php?src=http://www.0532zz.com/wp-content/uploads/2022/01/5.jpg&w=300&h=180" alt="织梦“更新系统缓存”清理沉积缓存的功能"/> </div> </a> <h2 class="entry-title"><a href="https://www.0532zz.com/html/zhonghe/cms/20210330/18188.html" target="_blank">织梦“更新系统缓存”清理沉积缓存的功能</a></h2> </div> <div class="hentry ht_grid_1_3 last"> <a class="thumbnail-link" href="https://www.0532zz.com/html/zhonghe/cms/20210330/18187.html" target="_blank"> <div class="thumbnail-wrap"> <img src="https://www.0532zz.com/wp-content/themes/damenhu/thumb.php?src=http://www.0532zz.com/wp-content/uploads/2022/01/8.jpg&w=300&h=180" alt="什么是织梦仿站,织梦仿站违法吗"/> </div> </a> <h2 class="entry-title"><a href="https://www.0532zz.com/html/zhonghe/cms/20210330/18187.html" target="_blank">什么是织梦仿站,织梦仿站违法吗</a></h2> </div> <div class="hentry ht_grid_1_3"> <a class="thumbnail-link" href="https://www.0532zz.com/html/zhonghe/cms/20210330/18186.html" target="_blank"> <div class="thumbnail-wrap"> <img src="https://www.0532zz.com/wp-content/themes/damenhu/thumb.php?src=http://www.0532zz.com/wp-content/uploads/2022/01/5-1.jpg&w=300&h=180" alt="织梦后台添加是否新会员注册功能"/> </div> </a> <h2 class="entry-title"><a href="https://www.0532zz.com/html/zhonghe/cms/20210330/18186.html" target="_blank">织梦后台添加是否新会员注册功能</a></h2> </div> <div class="hentry ht_grid_1_3"> <a class="thumbnail-link" href="https://www.0532zz.com/html/zhonghe/cms/20210330/18185.html" target="_blank"> <div class="thumbnail-wrap"> <img src="https://www.0532zz.com/wp-content/themes/damenhu/thumb.php?src=http://www.0532zz.com/wp-content/uploads/2022/01/1.jpg&w=300&h=180" alt="织梦系统字符串内容截取函数"/> </div> </a> <h2 class="entry-title"><a href="https://www.0532zz.com/html/zhonghe/cms/20210330/18185.html" target="_blank">织梦系统字符串内容截取函数</a></h2> </div> <div class="hentry ht_grid_1_3 last"> <a class="thumbnail-link" href="https://www.0532zz.com/html/zhonghe/cms/20210330/18184.html" target="_blank"> <div class="thumbnail-wrap"> <img src="https://www.0532zz.com/wp-content/themes/damenhu/thumb.php?src=http://www.0532zz.com/wp-content/uploads/2022/01/8.jpg&w=300&h=180" alt="织梦会员中心单独获得会员级别的方法"/> </div> </a> <h2 class="entry-title"><a href="https://www.0532zz.com/html/zhonghe/cms/20210330/18184.html" target="_blank">织梦会员中心单独获得会员级别的方法</a></h2> </div> </div> </div> </main> </div> <aside id="secondary" class="widget-area sidebar"> <div id="custom_html-6" class="widget_text widget widget_custom_html"><h2 class="widget-title">广告</h2><div class="textwidget custom-html-widget"></div></div> <div id="recent-posts-4" class="widget widget_recent_entries"> <h2 class="widget-title">最新文章</h2> <ul> <li> <a href="https://www.0532zz.com/html/yxnj/20240704/18709.html">云虚拟机更加灵活的资源分配方式</a> <span class="post-date">2024年7月4日</span> </li> <li> <a href="https://www.0532zz.com/html/yxnj/20240704/18713.html">云虚拟机通过虚拟化技术和安全防护措施</a> <span class="post-date">2024年7月4日</span> </li> <li> <a href="https://www.0532zz.com/html/yxnj/20240704/18712.html">云虚拟机易于管理和维护的优势</a> <span class="post-date">2024年7月4日</span> </li> <li> <a href="https://www.0532zz.com/html/yxnj/20240704/18711.html">云虚拟机可以实现绿色计算和绿色存储</a> <span class="post-date">2024年7月4日</span> </li> <li> <a href="https://www.0532zz.com/html/yxnj/20240704/18710.html">云虚拟机实现混合云架构的关键技术之一</a> <span class="post-date">2024年7月4日</span> </li> </ul> </div><div id="custom_html-7" class="widget_text widget widget_custom_html"><h2 class="widget-title">广告</h2><div class="textwidget custom-html-widget"></div></div><div id="tag_cloud-4" class="widget widget_tag_cloud"><h2 class="widget-title">云标签</h2><div class="tagcloud"><a href="https://www.0532zz.com/html/tag/04" class="tag-cloud-link tag-link-300 tag-link-position-1" style="font-size: 8pt;" aria-label="04 (181 项)">04</a> <a href="https://www.0532zz.com/html/tag/asp" class="tag-cloud-link tag-link-32 tag-link-position-2" style="font-size: 19.5pt;" aria-label="asp (895 项)">asp</a> <a href="https://www.0532zz.com/html/tag/asp-net" class="tag-cloud-link tag-link-31 tag-link-position-3" style="font-size: 20.5pt;" aria-label="asp.net (1,019 项)">asp.net</a> <a href="https://www.0532zz.com/html/tag/centos" class="tag-cloud-link tag-link-286 tag-link-position-4" style="font-size: 13.833333333333pt;" aria-label="CentOS (404 项)">CentOS</a> <a href="https://www.0532zz.com/html/tag/dede%e6%95%99%e7%a8%8b" class="tag-cloud-link tag-link-1760 tag-link-position-5" style="font-size: 21.166666666667pt;" aria-label="dede教程 (1,124 项)">dede教程</a> <a href="https://www.0532zz.com/html/tag/django" class="tag-cloud-link tag-link-973 tag-link-position-6" style="font-size: 9.1666666666667pt;" aria-label="django (212 项)">django</a> <a href="https://www.0532zz.com/html/tag/java" class="tag-cloud-link tag-link-78 tag-link-position-7" style="font-size: 20.333333333333pt;" aria-label="java (998 项)">java</a> <a href="https://www.0532zz.com/html/tag/linux" class="tag-cloud-link tag-link-270 tag-link-position-8" style="font-size: 21pt;" aria-label="Linux (1,107 项)">Linux</a> <a href="https://www.0532zz.com/html/tag/mvc" class="tag-cloud-link tag-link-33 tag-link-position-9" style="font-size: 14.833333333333pt;" aria-label="mvc (472 项)">mvc</a> <a href="https://www.0532zz.com/html/tag/mysql" class="tag-cloud-link tag-link-172 tag-link-position-10" style="font-size: 22pt;" aria-label="MySQL (1,251 项)">MySQL</a> <a href="https://www.0532zz.com/html/tag/nginx" class="tag-cloud-link tag-link-350 tag-link-position-11" style="font-size: 21pt;" aria-label="nginx (1,098 项)">nginx</a> <a href="https://www.0532zz.com/html/tag/oracle" class="tag-cloud-link tag-link-102 tag-link-position-12" style="font-size: 19pt;" aria-label="oracle (833 项)">oracle</a> <a href="https://www.0532zz.com/html/tag/php" class="tag-cloud-link tag-link-320 tag-link-position-13" style="font-size: 20.833333333333pt;" aria-label="php (1,082 项)">php</a> <a href="https://www.0532zz.com/html/tag/python" class="tag-cloud-link tag-link-313 tag-link-position-14" style="font-size: 19.666666666667pt;" aria-label="python (902 项)">python</a> <a href="https://www.0532zz.com/html/tag/server" class="tag-cloud-link tag-link-353 tag-link-position-15" style="font-size: 12pt;" aria-label="server (314 项)">server</a> <a href="https://www.0532zz.com/html/tag/sql" class="tag-cloud-link tag-link-183 tag-link-position-16" style="font-size: 18.333333333333pt;" aria-label="sql (754 项)">sql</a> <a href="https://www.0532zz.com/html/tag/ubuntu" class="tag-cloud-link tag-link-288 tag-link-position-17" style="font-size: 18pt;" aria-label="ubuntu (731 项)">ubuntu</a> <a href="https://www.0532zz.com/html/tag/windows" class="tag-cloud-link tag-link-361 tag-link-position-18" style="font-size: 12.333333333333pt;" aria-label="windows (331 项)">windows</a> <a href="https://www.0532zz.com/html/tag/%e4%b8%ad" class="tag-cloud-link tag-link-36 tag-link-position-19" style="font-size: 19.166666666667pt;" aria-label="中 (850 项)">中</a> <a href="https://www.0532zz.com/html/tag/%e4%ba%91%e8%99%9a%e6%8b%9f%e6%9c%ba" class="tag-cloud-link tag-link-10956 tag-link-position-20" style="font-size: 9.1666666666667pt;" aria-label="云虚拟机 (212 项)">云虚拟机</a> <a href="https://www.0532zz.com/html/tag/%e4%bd%bf%e7%94%a8" class="tag-cloud-link tag-link-53 tag-link-position-21" style="font-size: 16.5pt;" aria-label="使用 (591 项)">使用</a> <a href="https://www.0532zz.com/html/tag/%e5%a6%82%e4%bd%95" class="tag-cloud-link tag-link-52 tag-link-position-22" style="font-size: 19.5pt;" aria-label="如何 (884 项)">如何</a> <a href="https://www.0532zz.com/html/tag/%e5%ae%89%e8%a3%85" class="tag-cloud-link tag-link-43 tag-link-position-23" style="font-size: 14.833333333333pt;" aria-label="安装 (472 项)">安装</a> <a href="https://www.0532zz.com/html/tag/%e5%b0%86" class="tag-cloud-link tag-link-442 tag-link-position-24" style="font-size: 8.8333333333333pt;" aria-label="将 (205 项)">将</a> <a href="https://www.0532zz.com/html/tag/%e5%ba%94%e7%94%a8" class="tag-cloud-link tag-link-151 tag-link-position-25" style="font-size: 8pt;" aria-label="应用 (179 项)">应用</a> <a href="https://www.0532zz.com/html/tag/%e6%95%b0%e6%8d%ae%e5%ba%93" class="tag-cloud-link tag-link-206 tag-link-position-26" style="font-size: 10.666666666667pt;" aria-label="数据库 (260 项)">数据库</a> <a href="https://www.0532zz.com/html/tag/%e6%96%87%e4%bb%b6" class="tag-cloud-link tag-link-40 tag-link-position-27" style="font-size: 9.3333333333333pt;" aria-label="文件 (218 项)">文件</a> <a href="https://www.0532zz.com/html/tag/%e7%bb%87%e6%a2%a6%e6%95%99%e7%a8%8b" class="tag-cloud-link tag-link-1761 tag-link-position-28" style="font-size: 21.166666666667pt;" aria-label="织梦教程 (1,124 项)">织梦教程</a> <a href="https://www.0532zz.com/html/tag/%e7%bc%96%e7%a8%8b" class="tag-cloud-link tag-link-139 tag-link-position-29" style="font-size: 8.8333333333333pt;" aria-label="编程 (201 项)">编程</a> <a href="https://www.0532zz.com/html/tag/%e7%bc%96%e7%a8%8b%e9%97%ae%e7%ad%94" class="tag-cloud-link tag-link-89 tag-link-position-30" style="font-size: 21.166666666667pt;" aria-label="编程问答 (1,120 项)">编程问答</a></div> </div><div id="custom_html-8" class="widget_text widget widget_custom_html"><h2 class="widget-title">广告</h2><div class="textwidget custom-html-widget"></div></div> </aside> </div> </div> <div class="clear"></div> <footer id="colophon" class="site-footer container"> <div id="site-bottom" class="clear"> <div class="site-info"> <p align="center">【免责声明】本站内容转载自互联网，其发布内容言论不代表本站观点，如果其链接、内容的侵犯您的权益，烦请提交相关链接至邮箱xwei067@foxmail.com我们将及时予以处理。</p> <p align="center">Copygight © 2016-2023 https://www.0532zz.com All Rights Reserved.<a href="https://www.0532zz.com">青岛站长网</a></p> <p align="center">站长：xwei067#foxmail.com（请把#换成@）</p> <p align="center"><script charset="UTF-8" id="LA_COLLECT" src="//sdk.51.la/js-sdk-pro.min.js"></script><script>LA.init({id:"1zy1wryLsx3mjs1Y",ck:"1zy1wryLsx3mjs1Y"})</script><a target="_blank" title="51la网站统计" href="https://v6.51.la/land/1zy1wryLsx3mjs1Y"><img src="https://sdk.51.la/icon/3-1.png"></a> </p> </div> </div> </footer> </div> <div class="bottom-right"> <div id="back-top"> <a href="#top" title="返回顶部"> <span class="icon"><i class="fa fa-chevron-up"></i></span> <span class="text">返回顶部</span> </a> </div> </div> <script> // Get the modal var modal = document.getElementById('myModal'); // Get the button that opens the modal var btn = document.getElementById("myBtn"); // Get the <span> element that closes the modal var span = document.getElementsByClassName("close")[0]; // When the user clicks the button, open the modal btn.onclick = function() { modal.style.display = "block"; } // When the user clicks on <span> (x), close the modal span.onclick = function() { modal.style.display = "none"; } // When the user clicks anywhere outside of the modal, close it window.onclick = function(event) { if (event.target == modal) { modal.style.display = "none"; } } </script> <script> (function($){ //create closure so we can safely use $ as alias for jQuery $(document).ready(function(){ "use strict"; $(window).resize(function() { }); }); })(jQuery); </script> <script type="text/javascript" src="https://www.0532zz.com/wp-content/themes/damenhu/assets/js/superfish.js?ver=6.7.2" id="superfish-js"></script> <script type="text/javascript" src="https://www.0532zz.com/wp-content/themes/damenhu/assets/js/modernizr.min.js?ver=6.7.2" id="modernizr-js"></script> <script type="text/javascript" src="https://www.0532zz.com/wp-content/themes/damenhu/assets/js/html5.js?ver=6.7.2" id="html5-js"></script> <script type="text/javascript" src="https://www.0532zz.com/wp-content/themes/damenhu/assets/js/jquery.bxslider.min.js?ver=6.7.2" id="bxslider-js"></script> <script type="text/javascript" src="https://www.0532zz.com/wp-content/themes/damenhu/assets/js/index.js?ver=20200320" id="index-js"></script> <script type="text/javascript" src="https://www.0532zz.com/wp-content/themes/damenhu/assets/js/qrcode.js?ver=6.7.2" id="qrcode-js"></script> <script type="text/javascript" src="https://www.0532zz.com/wp-content/themes/damenhu/assets/js/social-share.js?ver=6.7.2" id="social-share-js"></script> <script type="text/javascript" src="https://www.0532zz.com/wp-content/themes/damenhu/assets/js/jquery.custom.js?ver=20220101" id="custom-js"></script> <script> /(trident|msie)/i.test(navigator.userAgent)&&document.getElementById&&window.addEventListener&&window.addEventListener("hashchange",function(){var t,e=location.hash.substring(1);/^[A-z0-9_-]+$/.test(e)&&(t=document.getElementById(e))&&(/^(?:a|select|input|button|textarea)$/i.test(t.tagName)||(t.tabIndex=-1),t.focus())},!1); </script> </body> </html>