Isalathiso senqaku
WordPressNgowona mthombo usetyenziswa simahla novulelekileyo kwihlabathiukwakha iwebhusayithiinkqubo, zininziIntengiso ye-Intanethiesetyenziswa ngabasebenziIwebhusayithi yeWordPressyenzaseoI-Traffic ithengisa iintengiso, ithengisa amalungu, ithengisa iimveliso, ithengisa iinkonzo...
- Ke iWordPress inesityebi kakhuluIplagi ye-WordPresskwaye imixholo isimahla ukukhuphela, ngelixa phambili ngakumbi, iinguqulelo zepro ezihlawulwayo zeeplagi kunye nemixholo zikwakhona.
kutshanjeChen WeiliangUkuba uceba ukuthenga inguqulo yobuchwephesha yeplagi ye-WordPress, yiya kuGoogle ukuze ufumane, kwaye ngengozi ufumene ukuba kukho iwebhusayithi ebonelela ngokukhuphela kwamahhala kweenguqulelo eziqhekekileyo zeeplagi ze-WordPress kunye nemixholo.
Ndazama nje ukuyikhuphela kwaye ndiyisebenzise, kodwa ayizange ivakale kakuhle: kutheni ezi webhusayithi zibonelela ngokukhuphela mahala kunye neenguqulelo ze-crack azikho imodeli yenzuzo kwaphela, kwaye azikho ezinye iintengiso kwiwebhusayithi?
Ekubeni iwebhusayithi iye yagqekezwa amatyeli amaninzi, ndisebenzisa inguqulelo eqhekekileyo软件, iiplagi okanye imixholo, zilumke kakhulu xa kukho "i-backdoor" yenkqubo yobungozi.
Oku kulandelayo ngo-Agasti 2020, 08Chen WeiliangUmfanekiso weskrini webhlog egqekeziweyo▼
- LinuxIiseva ziye zagqekezwa zaza zaphazanyiswa ngabaqweqwedisi abavela eIndonesia.
- Kukho ifayile eyongezelelweyo ye-"mm.php" yobuthathaka kwifolda nganye yewebhusayithi, enokusetyenziswa ngokungafanelekanga.VestaCP ebangelwa yiphaneli.
Ukusombulula ingxaki yokuqhekezwa kukubuyisela ngokuthe ngqoCentOS 7 OS kwaye utshintshe ukuyaFaka iPhaneli yoLawulo yeCWP, emva koko ubuyisele i-backup yewebhusayithi▼
- Kuba ndifundile malunga nokuba sesichengeni kokhuseleko lwe "Pagoda Control Panel" ngaphambili, ekugqibeleni ndagqiba ekubeni ndisebenzise.Iphaneli yokulawula yeCWP,
Lithetha ukuthini i-backdoor?
Ikakhulu ukusuka kwi "Trojan horse", i-backdoor ithetha ukuba isoftware yongeze izikhewu, njengokuvula umnyango ongasemva wekhaya lakho, olungele ukungena kunye nokuba ulwazi.
❗️ Isilumkiso malunga nemixholo yeplugin eneTrojan ngasemva
Ezi webhusayithi zilandelayo zibonelela ngeenguqulelo eziqhekekileyo zeeplagi ezinkulu zeWordPress kunye nemixholo yeWordPress:
1) WPTRY ▼
2) Imixholo yasimahla yasimahla ▼
- Chen WeiliangKuqiniseke kakhulu ukuba isoftware, iplug-ins kunye nemixholo kwezi webhusayithi zimbini zineempazamo zangasemva.Musa ukuzikhuphela kwaye uzisebenzise, kungenjalo nceda uthwale iziphumo ngomngcipheko wakho!
?Ujongwa njani ubuthathaka benkqubo yeTrojan horse backdoor?
Kukho iindlela ezi-2 zokuskena ikhowudi yomthombo wewebhusayithi kwiifayile zangasemva:
- Eyokuqala: sebenzisa iplagin yokhuseleko lwe-WordPress
- Okwesibini: sebenzisaizixhobo ze-intanethiUkubulala iifayile zokuskena
?Okokuqala: Sebenzisa iplagi yokuskena yoKhuseleko lweWordPress
Kuyacetyiswa ukuba usebenzise le plugin yokhuseleko lwewebhusayithi yeWordPress - Ukhuseleko lwe-Wordfence ukuskena yonke imixholo kunye neeplagi kwiwebhusayithi yeWordPress kwiibhetshi ukubona ukuba kukho iifayile ze-PHP ezingemngcipheko ngasemva▼
?Okwesibini: sebenzisa iskena sokhuseleko ukufumana iifayile ze-PHP esichengeni isixhobo kwi-intanethi
Izixhobo ezikwi-Intanethi zokukunceda uhlalutye iifayile ezikrokrelekayo kunye nee-URL, ukukhangela iintlobo ze-malware ▼
Ndiyathemba Chen Weiliang Blog ( https://www.chenweiliang.com/ ) kwabelwana "Indlela yokuskena ikhowudi yomthombo wewebhusayithi kwiifayile zangasemva? Fumana i-PHP Trojan horse loopholes online", eluncedo kuwe.
Wamkelekile ukwabelana ngekhonkco leli nqaku:https://www.chenweiliang.com/cwl-1405.html
Wamkelekile kwisitishi seTelegram sebhlog kaChen Weiliang ukufumana uhlaziyo lwamva nje!
📚 Esi sikhokelo sinexabiso elikhulu, 🌟Eli lithuba elinqabileyo, ungaliphoswa! ⏰⌛💨
Yabelana kwaye uthanda ukuba uyathanda!
Ukwabelana kwakho kunye nezinto ozithandayo ziyinkuthazo yethu eqhubekayo!