Kalozera wa Nkhani
Pafupifupi 90% amayamba chifukwa cha "malicious code".
WordPressKupitilira 80% yamasamba ndi mapulagini omwe amabweretsa ma code oyipa muakaunti yamawebusayiti (pali mapulagini ovomerezeka awebusayiti, mapulagini otsegulira pa intaneti, ndi zina zambiri).
Lina ndiloti mutu (wosweka, mutu wa pirated) ndi "code code" kapena "backdoor Trojan horse" yomwe imalowa mu seva kuti ifalitse zowonongeka.
pompano,Chen WeiliangKodi ndikuwonetsani momwe mungaipezeretu pasadakhale posanthula kachidindo kamutu ka WordPress?
Unikani ndi kuchotsa code yoyipa mu function.php
Chodziwika kwambiri pa "code code" mu WordPress ndi function(s) .php mu bukhu lamutu.
Pamapeto pa fayilo ya function.php, nthawi zambiri pamakhala ndemanga yotseka monga chonchi:
//全部结束 ?>
Ngati muwona kuti palibe ndemanga yotseka yotere, ndiye kuti mukutsimikiza kuti fayilo yanu ya function.php yasokonezedwa ndipo muyenera kuyang'ana.
Kodi code yoyipa ya mutu wa WordPress ndi iti?
Mwachitsanzo, mzere wotsatira wa code:
- gwiritsani ntchito _checkactive_widgets
- gwiritsani ntchito _check_active_widget
- gwiritsani ntchito _get_allwidgets_cont
- gwiritsani ntchito _get_all_widgetcont
- ntchito stripos
- ntchito strripos
- ntchito scandir
- ntchito _getprepare_widget
- ntchito _prepared_widget
- gwiritsani ntchito __zolemba_zotchuka
- add_action("admin_head", "_checkactive_widgets");
- add_action("init", "_getprepare_widget");
- _verify_activate_widgets
- _check_sactive_widget
- _peza_zonse
- _konzekerani_mawijeti
- __zolemba_zotchuka
- Mzere uliwonse umakhala wodziyimira pawokha.
- Ngati muli ndi code yomwe ili pamwambapa mu function.php ndiye kuti mutha kukhala ndi kachilombo koyipa.
- Pakati pawo, ntchito, add_action, ndi zina zotero nthawi zambiri zimakhala za "code code" ndi "ntchito yokonzekera".
Kodi kuchotsa function.php njiru virus code?
Ndikosavuta kuyeretsa.
Monga mu fayilo ya function.php, pezani code yomwe ili pamwambayi ndikuyichotsa.
Koma atadwala, mitu yonse yomwe ili m'ndandanda wamutuwu ikhala ndi kachilombo.
Chifukwa chake mumangodziwa kuti mutu womwe wagwiritsidwa ntchito pano ndi wolakwika, ndipo ukachotsedwa, upangidwa mwachangu kwambiri.
Pambuyo poyeretsa kachidindo kamutu, ikani fayilo ya function.php ku zilolezo za 444 ndikuyeretsa mitu ina.
Pomaliza, kodi muyenera kusintha zilolezo kubwerera ku fayilo yapitayi.php,Chen WeiliangNdikofunikira kuti zilolezo za 444 zikhale zotetezeka kwambiri.
Mukafuna kusintha, ndibwino kuti musinthe.
Hope Chen Weiliang Blog ( https://www.chenweiliang.com/ ) adagawana "Kodi code yoyipa ya mutu wa WordPress ndi iti?Website Malicious Code Analysis" kukuthandizani.
Takulandirani kugawana ulalo wa nkhaniyi:https://www.chenweiliang.com/cwl-1579.html
Takulandilani panjira ya Telegraph yabulogu ya Chen Weiliang kuti mupeze zosintha zaposachedwa!
📚 Bukuli lili ndi phindu lalikulu, 🌟Uwu ndi mwayi wosowa, musaphonye! ⏰⌛💨
Share ndi like ngati mukufuna!
Kugawana kwanu ndi zomwe mumakonda ndizomwe zimatilimbikitsa nthawi zonse!