Tusitusiga Tusitusiga
Toeitiiti lava 90% e mafua mai i le "malicious code".
WordPressE sili atu i le 80% o upega tafaʻilagi o faʻapipiʻi e aumaia ai tulafono leaga i totonu o faʻamatalaga i luga o le upega tafaʻilagi (o loʻo i ai faʻapipiʻi upega tafaʻilagi aloaia, faʻasalalauga i luga ole laiga, ma isi).
O le isi e faapea o le autu (vaega ta'e, autu pirated) o se "tulafono leaga" po o le "backdoor Trojan horse" lea e ulu atu i le server e faʻasalalau mea leaga.
na o le taimi nei,Chen WeiliangO le a faʻaali atu ia te oe pe faʻapefea ona e mauaina i luma atu o le taimi e ala i le suʻeina o le code theme WordPress?
Su'e ma fa'ate'a fa'ailoga leaga ile function.php
O le mea sili ona taatele e uiga i le "malicious code" i le WordPress o galuega (s).php i le autu autu.
I le faaiuga o le function.php faila, e masani lava ona i ai se faʻamatalaga faaiu e pei o lenei:
//全部结束 ?>
Afai e te iloa e leai se fa'amatalaga fa'ai'u fa'apea ona e mautinoa lea ua fa'afefe lau faila function.php ma e tatau ona e siaki.
O le a le fa'ailoga leaga ole autu ole WordPress?
Mo se faʻataʻitaʻiga, o le laina lea o le code:
- galuega _checkactive_widgets
- galuega _check_active_widget
- galuega _get_allwidgets_cont
- galuega _get_all_widgetcont
- galuega stripos
- galuega srripos
- galuega scandir
- galuega _getprepare_widget
- galuega _prepared_widget
- galuega __popular_posts
- add_action("admin_head", "_checkactive_widgets");
- add_action("init", "_getprepare_widget");
- _verify_isactivate_widgets
- _check_isactive_widget
- _get_allwidgetscont
- _sauni_widgets
- __popular_posts
- E tutoatasi laina taitasi.
- Afai e iai sau fa'ailoga o lo'o i luga i functions.php ona ono a'afia ai lea o oe ile fa'ailoga leaga.
- Faatasi ai ma i latou, galuega, add_action, ma isi e masani lava o code e patino i le "code leaga" ma le "gaioiga sauniuni".
Fa'afefea ona aveese function.php malicious virus code?
E faigofie fo'i ona fa'amamā.
Na'o le faila function.php, su'e le code i luga ma tape.
Ae o le taimi lava e aafia ai, o autu uma i le autu autu o le a aafia.
O lea e te iloa o le autu o loʻo faʻaaogaina nei e le aoga, ma a maeʻa loa, o le a vave ona gaosia.
A maeʻa ona faʻamamā le numera autu, seti le faila functions.php i le 444 faʻatagaga ona faʻamama lea o isi autu.
Mulimuli ane, e te manaʻomia le suia o faʻatagaga i tua i le faila functions.php,Chen WeiliangE fautuaina e 444 fa'atagaga e matua malupuipuia.
A e mana'o e sui, e lelei ona toe fa'alelei.
Hope Chen Weiliang Blog ( https://www.chenweiliang.com/ ) faasoa "O le a le tulafono leaga o le autu o WordPress?Upega Tafa'ilagi Malicious Code Analysis" e fesoasoani ia te oe.
Fa'afeiloa'i e fa'asoa le so'otaga o lenei tusitusiga:https://www.chenweiliang.com/cwl-1579.html
Faʻafeiloaʻi i le Telegram channel o le blog a Chen Weiliang e maua ai faʻamatalaga lata mai!
📚 O lenei taʻiala o loʻo i ai le taua tele, 🌟O se avanoa e seasea maua, aua le misia! ⏰⌛💨
Faasoa ma fiafia pe a e fiafia i ai!
O lau fefa'asoaa'i ma le fiafia o la matou fa'aosofiaga faifaipea!