How to let the Black Chain "fly" after the website is hung

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Today and a netizen exchanged friendship links, by the way of the template file, when pulling to the bottom of the feeling is not normal, a part of the code to export a lot of links, and is the same URL of the different anchor text (such as the figure), because my site template is my own imitation, so the first feeling is that my site was "contaminated", Might have been hung up by the legendary black chain.

So I opened the site's homepage and content page to view a bit, and did not find these links, seemingly all normal, or check the source code it, only the source file can best explain the problem. The fox's tail was found at the bottom of the file. These links are as disgusting as a patch of plaster.

Why are so many links not displayed in the Web page, which aroused my thinking. I think there must be other documents for its service, access to my template file, a careful analysis of the code, and found that there are three files for this link code service. (They are bases.js,copyri.js,you.php, respectively). Use FTP to download these three files down to analyze carefully, feel very good.

The first bases.js code is: Document.writeln ("< script language=\" javascript\ "type=\" text\/javascript\ "src=\" \/include\/ You.php\ ">< \/script >"), it is obvious to use JS code to invoke/include/you.php file, that is to say this code has no practical effect, just to conceal the real funny file you.php.

Open you.php let me very confused. In the Dreamweaver a blank, nothing ah, this is not possible, while the unconscious side of the scrolling mouse wheel, random action but gave me a great discovery, at 97 lines there is a code: Document.writeln (' < DIV class=link _TD id=ddl_9 style=\ "display:none\", then I suddenly realized that this sentence is "the culprit", with JS script to hide the link. Do SEO know, search engine can not parse < SCRIPT > </script >, so this link for direct access to the user is not visible, but for the search engine is really a regular link. Personal feeling, this practice is really ingenious.

The contents of the Copyri.js file are exceptionally simple: Document.writeln ("</div >"); This is the script language output "</div >" tag, the purpose is to close the you.php file out of the < div > tag, so far, this black chain code is perfect.

Knowing the truth, the next step is to clear the files and code. For files directly in the FTP file can be deleted, for the link code to check in the template file, the code pollution is not only the first page of the template, including content pages, search page, label page, etc., is pervasive, people are impossible, only for each template file for inspection and clean-up. But the position is basically fixed, all before, which also brings convenience to the cleaning work (^_^).

As I have other sites also use this template, and the site has been linked to each other, so there are two stations have been the same pollution, so also have to repeat the above action, lasted more than 30 minutes to finish, the Cup.

After the completion of careful thinking, this situation with their own security awareness is too bad have a great relationship, so in this advice to everyone standing friends, do site security is the first, otherwise we have to do all the hard work, really do not know who is doing "wedding clothes" it. For security there are a few points to do: 1, the background must not use the default directory; 2, the password as far as possible complex, not for good memory and set a simple or all the site passwords are set the same; 3, often check their template source code. This article by the Mountaineering Bag http://www.nv-bao.com webmaster written in the site was hanging black chain, A5 starting, reproduced please indicate the source, thank you very much.