WordPress 网站加载后自动重定向

发布于 2024-08-22 19:58:23 字数 1468 浏览 10 评论 0原文

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

沉默的熊 2024-08-29 19:58:23

您的博客肯定已被黑客入侵。我可以在你博客的源代码中看到非常邪恶的JavaScript代码:

<script language=javascript>document.write(unescape('%3C%73%63%72%69......

正如你所说,它可能是重定向到其他网站的代码。您的博客的安全性一定受到了某种程度的损害,这肯定在您的模板的源代码中。

您应该下载所有内容并立即关闭该网站,以保护您的访问者和您网站的声誉(以防止其进入任何恶意软件黑名单)。查看第二个链接中的“让您的网站离线”一章。我不知道您使用的是哪个版本的 Wordpress,也许 WP 的论坛可以帮助您了解入侵是如何发生的。也许通知托管公司并看看他们是否可以提供任何其他信息也是一个好主意。如果您有权访问任何日志文件,请获取副本并查看它们是否告诉您任何信息。

链接:

供以后参考:

Your Weblog has definitely been hacked. I can see very evil-looking JavaScript code in the source code of your blog:

<script language=javascript>document.write(unescape('%3C%73%63%72%69......

It is probably code to redirect to other sites, as you say. Your Blog's security must have been compromised somehow, this is definitely in your template's source code.

You should download everything and take the site down immediately to protect your visitors, and your site's reputation (to prevent it from getting on any malware blacklist). Check out the "Getting your site off line" chapter in the 2nd link. I don't know which version of Wordpress you're using, maybe WP's forums can be helpful in finding out how the break-in occurred. Maybe it's also a good idea to inform the hosting company and see whether they can provide any additional information. If you have access to any log files, fetch a copy and look whether they tell you anything.

Links:

For later maybe:

水水月牙 2024-08-29 19:58:23

Specific to Wordpress (and linked numerous times in the Wordpress forums): FAQ: My site was hacked « WordPress Codex and how-to-completely-clean-your-hacked-wordpress-installation.

捶死心动 2024-08-29 19:58:23

我会尝试在关闭 JavaScript 的情况下访问该网站。这将是验证是否有人将其放入 onLoad 的快速方法。它当然可以被编写为间歇性触发。

如果您有权访问服务器的文件,我会查看 .htaccess 文件,其中可能包含重写规则。

最后,我会尝试通过 IP 地址访问网站来检测 DNS 问题,但我发现这种方法不太可能实现。

不要忘记仔细查看主题的更改,这是最有可能的攻击途径。

I would try accessing the site with JavaScript turned off. That would be a quick way of verifying if someone had put that in an onLoad. It certainly could have been written to fire intermittently.

If you have file access to the server, I would look at the .htaccess file, which might have rewrite rules in it.

Lastly, I would try accessing the website by IP address to detect DNS problems, but I find it highly unlikely it would work that way.

Don't forget to look closely at changes to your theme, which is the most likely avenue of attack.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文