Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall
The public, the dream of the Open source program in the enterprise station or portal occupies a large position, its own powerful function and quick, easy to operate characteristics, so many beginners have chosen this program to build their own website site. However, it is precisely because so many people use this program, but also make many hackers use its program itself loopholes, intrusion Webmaster web site, hanging black chain, release virus, planting Trojans, so that the vast majority of dream owners are miserable, small series of garbage truck site has been deeply affected. So how does a small weave solve the problem?
At the beginning, the small series has also been very silly to think, patched, delete trojan file, you can solve this problem, however, in fact, the hacker has spread the virus files to different folders, although the small set according to the date to determine which hackers put up the Trojan program, and then deleted, but the folder is really too much, can not all clean off. So, small set also don't go to one by one see what Trojan file, directly under a most new version of the Dream program, reinstall again, and then back up the good database, back up, so, a new no Trojan program was born. If you think your site is safe now, it is a big mistake, although it is the latest edition, but the small series has been studied, there are still loopholes. There are a few special attention to the Trojan, small series has also been recruited, the following will be detailed to solve the solution.
1, 90sec.php Trojan
I think this Trojan program, all used to dream process and the owners of the Trojan, should be no stranger, this trojan is extremely difficult, deleted, the next day will appear, this is because the root cause is not found, the specific solution is to find $v2 in include/dedesql.class.php. Chr ($arrs 2[$i]); Comment it out.
if (Isset ($GLOBALS [' arrs1 '])
{
$v 1 = $v 2 = ";
For ($i =0;isset ($arrs 1[$i); $i + +)
{
$v 1. = Chr ($arrs 1[$i]);
}
For ($i =0;isset ($arrs 2[$i); $i + +)
{
$v 2. = Chr ($arrs 2[$i]); Note here
}
$GLOBALS [$v 1]. = $v 2;
}
2. Tplcache Cache files under Database
This folder is also a Trojan horse program resident base, but also deleted and hung, hang up and delete, small set of solution, the data database write permission to turn off, the specific method is, DEDECMS program is PHP, So we usually use the space with a. Htaccess, this is a configuration file, where the site's 301 redirects, 404 error pages, allow/block access to specific users or directories, prohibit directory listings and other functions can be implemented here, the specific operation is to open this file , enter the following command to save it.
Rewriteengine on Rewritecond%!^$
Rewriterule uploads/(. *). (PHP) $ [F]
Rewriterule data/(. *). (PHP) $ [F]
Rewriterule templets/(. *). (PHP) $ [F]
3. DEDECMS 5.7 SQL Injection Vulnerability
This loophole, small part of the site has not been used, but only with the security alliance to check out the loophole, this loophole has caused 360 of security attention, called on the majority of the webmaster hurriedly patched.
Above, is small series encountered some Trojans, as well as solutions. In addition to the above methods, small series also will be the location of the replacement of the data, and then deleted some Dede officially released some of the necessary documents, specific can go to Dede official website to view. Of course, backup database, killing virus has become a small part of the daily necessary work, but also hope that the majority of the webmaster will also have to develop a good habit of backup, do not report luck psychology!
This article from the garbage truck http://www.cxzyc8.com starting A5, reprint please keep the source of the link, thank you for your cooperation!