Pineapple Pavilion ZBLOGCN .COM

Official Z-Blog Blog

ZB File Permission Security Setting Guide 😺💪⚔️

In order to prevent ZBLOG from being hacked or system vulnerability websites from being breached, you can set the website permissions as follows, which can be operated in the file management of the pagoda panel.

 aa8f5ca7e80342ad89545473fe3330b2_2009414714 (1).png

A: Directories and subdirectories with w permission and all files under them



B: Those who need to delete w permission are

Zb_system and its subdirectories

Other directories except cache and upload under zb_users

Index.php, feed.php, search.php in the root directory

C: To solve the problem that ftp cannot overwrite or install themes and plug-ins:

1. If you want to overwrite zb_system, add w permissions to zb_system and subdirectories in file management

2. If you want to install a new plug-in, add w permissions to the plugin directory under zb_users

3. Other required directories are also processed.

4. To prevent hackers from planting trojans on the website, please delete the added w permissions as soon as possible after the coverage is completed

D: Enable the code tamper proof function of the pagoda.

E: Security configuration of nginx

location ~* /(zb_users/cache|zb_users/upload|zb_users/logs)(.*)\.php$ {

    deny all;

    return 404;


location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|


    return 404;


Powered By Z-BlogPHP 1.7.3

ZBLOGCN.COM All rights reserved E ICP B No. 19031813 - 6 Shoot the clouds again Provide CDN and cloud storage services

It is strictly prohibited to use Z-BLOG to engage in any illegal activities, and illegal websites are prohibited to use Z-BLOG and related procedures| Illegal and Bad Information Reporting Center