Zen Cart文件上传的安全问题

Written by cocoyu on 八月 28th, 2009

Zen Cart的cache和images两个目录由于需要保存sessions和图像,设置了777的完全权限。但默认的Zen Cart在两个目录都没有设置.htaccess的安全执行机制,有可能(已经出现有了)被上传黑客程序。必须在cache和images两个目录里的.htaccess文件里增加以下代码,防止php程序在这两个目录里执行。

  1. [Files *.php]
  2. Order Deny,Allow
  3. Deny from all
  4. [/Files]

没有.htaccess就新建该文件(将[]换成<>)

This entry was posted on 星期五, 八月 28th, 2009 at 1:18 下午 and is filed under 安全问题. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

Comments are closed.


Contact Us立刻联系我们
现在就开始QQ咨询
使用MSN咨询
或者用Skype
你还可以在线问答

或许您还需要一个电话号码
028-87317934

版权所有 © 2010 卓意互联. Design By Zencart-ec