你在这里

保护用户#1

原文链接:http://drupal.org/node/947312

 

在Drupal(#1用户)在安装过程中创建的帐户是一个特殊的帐户。首先,它绕过所有访问回调 - 这意味着它具有默认情况下,所有权限。否则,以确保该帐户可能会导致潜在的安全风险。

有追索权的几个选项,以确保该帐户 -

确保蛮力登录尝试被拒绝

Drupal的6和更早的,默认情况下,不防止蛮力登录尝试。一个机器人可以尝试字典攻击来猜测用户密码不被锁定。相反,登录安全模块可以安装在Drupal 6中添加此功能。

(此功能已被添加到Drupal 7的核心,请参阅#485974:提高安全性:速率限制登录尝试

完全禁用它

Drupal没有需要用户进行管理1。在Drupal 6,此帐户需要运行update.php和其他一些重要的用户功能的。的的来临drush的Drupal 7的创造<font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; "><font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; ">管理软件更新</font></font>的权限,该用户不再是每天的日常使用所需。

如果用户需要暂时的,他们可能会被禁用和重新启用,方便地使用drush或MySQL查询 -

在drush 4.0和更高版本- 
要禁用用户- <font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; "><font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; ">drush用户块1</font></font>
要重新启用用户- <font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; "><font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; ">drush用户疏通1</font></font>

在MySQL(假设没有表前缀) - 
禁用用户- <font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; "><font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; ">更新用户设置状态= 0 UID = 1</font></font>
要重新启用用户- <font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; "><font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; ">更新用户设置状态= 1 WHERE UID = 1</font></font>

此帐户生成一个随机生成的密码

Drupal的user_password功能可以被用来生成一个随机的字母数字密码。有许多密码发电机有可能会创造更安全的密码,包括符号和其他字符。

使用drush创建一个随机字母数字密码,运行以下命令- <font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; "><font style="border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; border-style: initial; border-color: initial; background-image: initial; background-attachment: initial; background-origin: initial; background-clip: initial; background-color: transparent; font-size: 12px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; vertical-align: baseline; background-position: initial initial; background-repeat: initial initial; ">drush PHP-eval&#39;的的打印user_password();</font></font>

通过IP地址访问限制只有受信任的用户

限制登入或角色通过IP地址访问模块执行此功能,但目前还没有Drupal 7的IPv6支持。你应该检查模块页面的变化。

Comments

这是使用翻译软件自动翻译的结果吗?
好怪异的翻译。。如果是这样还不如看外语的。