3, the background of security
Destoon web background login address is the domain name /admin.php, /admin.php files in the root directory name we can modify the login website through FTP, such as the modification of abc.php, so that we can manage through the website domain name /abc.php.
small find many themes, it was found that include/global.func.php, member/record.php these files can pass through the SQL injected access to the website backstage account and password, so in the conditions allow, can combine their own website needs these two files execute permissions to cancel.
site settings, security center can be set to allow back log in IP and date, while the security center can choose whether to open the admin log.
2, the background login address
if you make your own template, in order to prevent it from being downloaded, you can set a secret directory name, template/abc, then, in the default template selection site can choose abc
database server select general settings for localhost access, remote access is prohibited. Do not use the password to access the database in 123456 this kind of weak passwords, to avoid being guess, this free host still has the advantage, worry free host database access password has a prefix, and it is a string of numbers is very complicated, do not worry about this problem.
would you do the above door website is much safer.
, 1, founder of password security
as the highest authority founder with a web site, so when we set the password is best set a little complex, do not use such a low-level password 123456, so as not to break
6, SQL injection to prevent access to the website background account password
each website program there will be some security risks, destoon is no exception, the free host security settings Xiaobian introduce some general methods of the website, the website security risks to a minimum.