
Welcome Anonymous
Protecting your site against hackers ⇒ Frequently Asked Questions ⇒ CPG Dragonfly™ CMS
Change your table prefixIf you are going to install a fresh CPG-Nuke driven website we advise that you change $prefix and $user_prefix to something of your own choosing.
If you forgot to do that, or you already have a running CPG-Nuke site, just follow these instructions... First BACKUP your database Then, in the below script, change "NEWPREFIX" to the new prefix you'd like to use. Save and upload this script, execute it from your browser, and run the listed SQL commands in phpMyAdmin. Once you have run these commands DELETE this file! define('CPG_NUKE', true);
require_once('config.php');
mysql_connect($dbhost, $dbuname, $dbpass, $dbname);
$result = mysql_list_tables($dbname);
while ($row = mysql_fetch_row($result) or die(mysql_error())) {
$table = $row[0];
if (eregi($prefix, $table)) {
echo "ALTER TABLE $row[0] RENAME ".eregi_replace($prefix,"NEWPREFIX",$table).";<br />";
}
} Then open your config.php and change the values of $prefix and $user_prefix to match the new prefix you chose in the script. Save and upload the new config.php. Good Luck! Protect subdirectoriesCPG-Nuke 8.2 and above has a .htaccess in the subdirectories which protects every PHP file to run on it's own (for ex. modules/Your_Account/register.php)
This could give a conflict when a module/add-on asks a file like that in the browser. Now you can create a new .htaccess file which allows to run (only) that file from a subdirectory. <filesmatch "\.php$">
Allow from all
</filesmatch> It's better to change the link for that specific file then to use above script to keep security. Run a cronjob to backup databaseYou can run a 'cronjob' to make a backup each day/week/month of your database to keep a backup even when you get hacked.
create a shell file with following #! /bin/sh
FILE=DBNAME-`date +%Y%m%d%H%M`.sql
DIR=/PATH/TO/YOUR/ROOT
mysqldump -f -hHOSTNAME -uUSERNAME -pPASSWORD DBNAME --add-drop-table | gzip -9c >${DIR}${FILE}.gz '/PATH/TO/YOUR/ROOT' for example /home/mydom.com/backup don't put in '/home/mydom.com/public_html' for security reasons. HOSTNAME: for example 'localhost' USERNAME: the name you use to connect with database PASSWORD: the password of the user DBNAME: name of the database These are actualy the same as in config.php Upload the file to your root (ex. /home/mydom.com/dbbackup.sh ) Then in your cPanel/Ensim create a cronjob for it. Don't forget to download the backups and delete them once in a while to keep your serverspace |
User Info
![]() Welcome Anonymous |