本文适用于虚拟主机或LINUX主机的用户朋友,因为虚拟主机或LINUX的主机,不方便直接操作目录权限(即使操作了,也不完全能修复),因此我们是通过设置伪静态的方法,来实现漏洞修复,具体步骤如下: 一、伪静态规则是.htaccess的用户参照这里: 打开.htaccess,将以下代码复制在这个文件底部,保存即可。 RewriteRule upload/(.*).(PHP)$ – [L,NC] RewriteRule upload/(.*).(asp)$ – [L,NC] RewriteRule upload1/(.*).(php)$ – [L,NC] RewriteRule upload1/(.*).(asp)$ – [L,NC] RewriteRule upload2/(.*).(php)$ – [L,NC] RewriteRule upload2/(.*).(asp)$ – [L,NC] RewriteRule upload3/(.*).(php)$ – [L,NC] RewriteRule upload3/(.*).(asp)$ – [L,NC] RewriteRule ad/(.*).(PHP)$ – [L,NC] RewriteRule ad/(.*).(asp)$ – [L,NC] RewriteRule gg/(.*).(PHP)$ – [L,NC] RewriteRule gg/(.*).(asp)$ – [L,NC] RewriteRule uploadfile/(.*).(php)$ – [L,NC]
RewriteRule uploadfile/(.*).(asp)$ – [L,NC] RewriteRule userphoto/(.*).(php)$ – [L,NC] RewriteRule userphoto/(.*).(asp)$ – [L,NC] RewriteRule attached/(.*).(php)$ – [L,NC] RewriteRule attached/(.*).(asp)$ – [L,NC] RewriteRule img/(.*).(php)$ – [L,NC] RewriteRule img/(.*).(asp)$ – [L,NC] RewriteRule homeimg/(.*).(php)$ – [L,NC] RewriteRule homeimg/(.*).(asp)$ – [L,NC] RewriteRule js/(.*).(php)$ – [L,NC] RewriteRule js/(.*).(asp)$ – [L,NC] RewriteRule css/(.*).(php)$ – [L,NC] RewriteRule css/(.*).(asp)$ – [L,NC]
二、伪静态规则是httpd.ini的用户参照这里: 打开httpd.ini,将以下代码复制在这个文件底部,保存即可。 RewriteRule /config/ueditor/php/upload/(.*).PHP$ /css/ [I] RewriteRule /config/ueditor/php/upload/(.*).asp$ /css/ [I] RewriteRule /config/ueditor/php/upload1/(.*).php$ /css/ [I] RewriteRule /config/ueditor/php/upload1/(.*).asp$ /css/ [I] RewriteRule /config/ueditor/php/upload2/(.*).php$ /css/ [I] RewriteRule /config/ueditor/php/upload2/(.*).asp$ /css/ [I] RewriteRule /config/ueditor/php/upload3/(.*).php$ /css/ [I] RewriteRule /config/ueditor/php/upload3/(.*).asp$ /css/ [I] RewriteRule /config/ueditor_mini/php/upload/(.*).php$ /css/ [I] RewriteRule /config/ueditor_mini/php/upload/(.*).asp$ /css/ [I] RewriteRule /config/ueditor_mini/php/upload1/(.*).php$ /css/ [I] RewriteRule /config/ueditor_mini/php/upload1/(.*).asp$ /css/ [I] RewriteRule /config/ueditor_mini/php/upload2/(.*).php$ /css/ [I] RewriteRule /config/ueditor_mini/php/upload2/(.*).asp$ /css/ [I] RewriteRule /config/ueditor_mini/php/upload3/(.*).php$ /css/ [I] RewriteRule /config/ueditor_mini/php/upload3/(.*).asp$ /css/ [I] RewriteRule /ad/(.*).php$ /css/ [I] RewriteRule /ad/(.*).asp$ /css/ [I] RewriteRule /js/(.*).php$ /css/ [I] RewriteRule /js/(.*).asp$ /css/ [I] RewriteRule /homeimg/(.*).php$ /css/ [I] RewriteRule /homeimg/(.*).asp$ /css/ [I] RewriteRule /css/(.*).php$ /css/ [I] RewriteRule /css/(.*).asp$ /css/ [I] RewriteRule /gg/(.*).php$ /css/ [I]
RewriteRule /gg/(.*).asp$ /css/ [I] RewriteRule /img/(.*).php$ /css/ [I]
RewriteRule /img/(.*).asp$ /css/ [I] RewriteRule /userphoto/(.*).php$ /css/ [I] RewriteRule /userphoto/(.*).asp$ /css/ [I] RewriteRule /upload/(.*).php$ /css/ [I] RewriteRule /upload/(.*).asp$ /css/ [I] RewriteRule /ckeditor/attached/(.*).php$ /css/ [I] RewriteRule /ckeditor/attached/(.*).asp$ /css/ [I] RewriteRule /config/loveedit/uploadfile/(.*).PHP$ /css/ [I] RewriteRule /config/loveedit/uploadfile/(.*).asp$ /css/ [I]
三、nginx伪静态的,参考如下: 将以下规则复制进伪静态文件里即可 location ~* ^/((.*)upload|ad|gg|img|homeimg|js|css|ckeditor\/attached|(.*)upload1|(.*)upload2|(.*)upload3)/.*\.(php|php5|asp)$ { deny all; }
四、IIS7,建立一个UTF8格式的文件,命名为web.config,将以下代码复制到这个文件中 <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <handlers accessPolicy="Read" /> </system.webServer> </configuration> 然后将这个文件web.config传到后台提示的漏洞文件夹中 如果以上的这个IIS7方法不适用, 请用以下代码
<rule name="p1"> <match url="^ad/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a1"> <match url="^ad/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="p0"> <match url="^gg/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a0"> <match url="^gg/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="p2"> <match url="(.*)upload/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a2"> <match url="(.*)upload/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="p3"> <match url="(.*)upload1/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a3"> <match url="(.*)upload1/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="p4"> <match url="(.*)upload2/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a4"> <match url="(.*)upload2/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="p5"> <match url="(.*)upload3/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a5"> <match url="(.*)upload3/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="p6"> <match url="^img/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a6"> <match url="^img/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="p7"> <match url="^ckeditor/attached/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a7"> <match url="^ckeditor/attached/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule>
<rule name="p8"> <match url="^css/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a8"> <match url="^css/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="p9"> <match url="^js/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a9"> <match url="^js/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="p10"> <match url="^homeimg/(.*).php" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule> <rule name="a10"> <match url="^homeimg/(.*).asp" ignoreCase="false" /> <action type="Rewrite" url="/css/" appendQueryString="false" /> </rule>
一品猪源码--版权声明 !
1、本主题所有言论和图片纯属会员个人意见,与一品猪立场无关
2、本站所有主题由该帖子作者发表,该帖子作者与一品猪享有帖子相关版权
3、其他单位或个人使用、转载或引用本文时必须同时征得该帖子作者和一品猪的同意
4、帖子作者须承担一切因本文发表而直接或间接导致的民事或刑事法律责任
5、本帖部分内容转载自其它来源,但并不代表本站赞同其观点和对其真实性负责
6、如本帖侵犯到任何版权问题,请立即告知本站,本站将及时予与删除并致以最深的歉意
7、一品猪官方管理员和版主有权不事先通知发贴者而删除本文
|