神秘地添加了PHP脚本 [英] mysteriously added php script
问题描述
大家好...我最近注意到一些奇怪的.php脚本会自动添加到我服务器上的某些文件夹中......这个脚本被称为47481.php
hi everyone... i''ve recently noticed some strange .php scripts that are automatically added to some folders on my server... this one is called "47481.php"
推荐答案
服务器永远不应该自动添加脚本...允许用户上传文件或者你做有任何可能允许在您的服务器上执行文件的安全漏洞吗?
A server should never automatically add a script... To you allow users to upload files or do you have any security holes that may possibly allow a file to be executed on your server?
服务器应该永远不会自动生成添加脚本...允许用户上传文件,或者您是否有任何可能允许在服务器上执行文件的安全漏洞?
A server should never automatically add a script... To you allow users to upload files or do you have any security holes that may possibly allow a file to be executed on your server?
嗨...我允许人们将某些图像文件上传到服务器上的特定文件夹中......但上面的php脚本位于不同的文件夹中只有我用来发送自动电子邮件给用户通知他们他们的文件已收到,或者他们的订单已经准备好等等。你看,我建立了一些只有我可以填写的小html表格(用户''将姓名,电子邮件等发送给客户的电子邮件,似乎每当我这样做时,神秘的PHP脚本将在我服务器上的文件夹中创建。
i可以删除这些神秘的PHP脚本,但它们最终会回来......
hi there... yes i allow people to upload certain image files into a specific folder on the server... but the above php script is located in different folders that that only i use to send out automatic emails to users notifying them that their file was received, or that their order is ready, etc. you see, i built some little html forms that only i can fill out (with a user''s name, email, etc.) which will send formulated emails to clients, and it seems whenever i do that, the mysterious php script will be created in the folder on my server.
i can delete these mysterious php scripts, but they will eventually come back...
是的,我允许人们将某些图像文件上传到服务器上的特定文件夹...
yes i allow people to upload certain image files into a specific folder on the server...
真的吗?这个脚本到底有多安全?您使用什么方法来验证上传的文件确实是有效的图像文件?
Really? Exactly how secure is this script? What methods do you use to verify that the file being uploaded is, indeed, a valid image file?
这篇关于神秘地添加了PHP脚本的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
