Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
接受
或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
发布评论
评论(3)
您的博客肯定已被黑客入侵。我可以在你博客的源代码中看到非常邪恶的JavaScript代码:
正如你所说,它可能是重定向到其他网站的代码。您的博客的安全性一定受到了某种程度的损害,这肯定在您的模板的源代码中。
您应该下载所有内容并立即关闭该网站,以保护您的访问者和您网站的声誉(以防止其进入任何恶意软件黑名单)。查看第二个链接中的“让您的网站离线”一章。我不知道您使用的是哪个版本的 Wordpress,也许 WP 的论坛可以帮助您了解入侵是如何发生的。也许通知托管公司并看看他们是否可以提供任何其他信息也是一个好主意。如果您有权访问任何日志文件,请获取副本并查看它们是否告诉您任何信息。
链接:
Google 网站站长工具:我的网站已被黑客攻击
我的网站被黑了 - 现在怎么办? Google 网站站长中心上的一篇非常好的文章
供以后参考:
Your Weblog has definitely been hacked. I can see very evil-looking JavaScript code in the source code of your blog:
It is probably code to redirect to other sites, as you say. Your Blog's security must have been compromised somehow, this is definitely in your template's source code.
You should download everything and take the site down immediately to protect your visitors, and your site's reputation (to prevent it from getting on any malware blacklist). Check out the "Getting your site off line" chapter in the 2nd link. I don't know which version of Wordpress you're using, maybe WP's forums can be helpful in finding out how the break-in occurred. Maybe it's also a good idea to inform the hosting company and see whether they can provide any additional information. If you have access to any log files, fetch a copy and look whether they tell you anything.
Links:
Google Webmaster Tools: My Site has been hacked
My site's been hacked - now what? Very nice article on Google Webmaster Central
For later maybe:
特定于 WordPress(并在 WordPress 论坛中多次链接):常见问题解答:我的网站被黑了 « WordPress Codex 和 操作方法-完全清理您的被黑的wordpress安装。
Specific to Wordpress (and linked numerous times in the Wordpress forums): FAQ: My site was hacked « WordPress Codex and how-to-completely-clean-your-hacked-wordpress-installation.
我会尝试在关闭 JavaScript 的情况下访问该网站。这将是验证是否有人将其放入 onLoad 的快速方法。它当然可以被编写为间歇性触发。
如果您有权访问服务器的文件,我会查看 .htaccess 文件,其中可能包含重写规则。
最后,我会尝试通过 IP 地址访问网站来检测 DNS 问题,但我发现这种方法不太可能实现。
不要忘记仔细查看主题的更改,这是最有可能的攻击途径。
I would try accessing the site with JavaScript turned off. That would be a quick way of verifying if someone had put that in an onLoad. It certainly could have been written to fire intermittently.
If you have file access to the server, I would look at the .htaccess file, which might have rewrite rules in it.
Lastly, I would try accessing the website by IP address to detect DNS problems, but I find it highly unlikely it would work that way.
Don't forget to look closely at changes to your theme, which is the most likely avenue of attack.