堆栈内存溢出
  简体   繁体   English

如何从我的网站中删除HTML注入

[英]How to remove html injection from my website

 原文  2016-03-31 09:32:38       php/ html/ code-injection/ spam-prevention

问题描述

Today I was looking for my cached page of my website then I find that Google indexed lot of spammy pages which I cannot find in my website. 今天,我正在寻找网站的缓存页面,然后发现Google索引了很多我在网站中找不到的垃圾页面。

My website is a college website but in Google there are pages of " nike air max 95 at jd sports " and all my url's are rewrite but in Google it showing a new url (this is similar like my URL: http://example.com/?nike-max-air-343.html ). 我的网站是一个大学网站,但在Google中有“ jd sports的nike air max 95 ”页面,我的所有URL都被重写,但是在Google中它显示了一个新URL(这与我的URL类似: http:// example。 com /?nike-max-air-343.html )。

When I try to find this page in my website I didn't find any of these pages. 当我尝试在我的网站中找到此页面时,没有找到任何这些页面。 Kindly provide me any possible solutions so the Google can't list a 请为我提供任何可能的解决方案,以便Google不会列出

"This site maybe Hacked" “此网站可能被黑客入侵了”

message on SERP. 在SERP上的消息。

2 个解决方案

解决方案1
 0  2016-03-31 10:55:29

Whenever this happended to me I started the lookforbadguys.php script, you can find here 每当我发生这种情况时,我就会启动lookforbadguys.php脚本,您可以在此处找到

https://gist.github.com/jasperf/3191259 https://gist.github.com/jasperf/3191259

Copy this file into the DOCUMENT_ROOT of your page and then call in browser 将此文件复制到页面的DOCUMENT_ROOT中,然后在浏览器中调用

http://example.com/lookforbadguys.php http://example.com/lookforbadguys.php

It then scans your file-system under document root for suscpicious file names and code 然后,它会在文档根目录下扫描您的文件系统,查找可疑的文件名和代码。

It may create a long list of hits, and you have to check every single one (if you don't know exactly that you made it yourself). 它可能会创建一长串命中列表,并且您必须检查每一个命中列表(如果您不完全知道自己是否成功)。 This is tedious, but I works. 这很乏味,但我可以。

One little hint: Save the output of the scan as html file and open that file in browser. 一个小提示:将扫描输出保存为html文件,然后在浏览器中打开该文件。 This prevents the script to scan on reload. 这样可以防止脚本在重新加载时进行扫描。

After that you must identify the security holes of your server. 之后,您必须确定服务器的安全漏洞。 You may have to update installed software and/or your scripts. 您可能必须更新已安装的软件和/或脚本。

解决方案2
 0  2016-04-14 21:14:38

I don't think you have to do anything. 我认为您不必做任何事情。 I had a similar warning today. 我今天也有类似的警告。

"Hacked by Andreas Rehm 2006..." seems to be part of the source code for the file on line# 353 Source for file OLERead.php on grad.clemson.edu “由Andreas Rehm 2006入侵……”似乎是第353行上该文件的源代码的一部分grad.clemson.edu上文件OLERead.php的源代码

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 保护我的HTML表单不被注入 - Protecting my html forms from injection 如何从我的网站中删除重定向链错误 - How to remove Redirect Chain Error from my website 准备好的语句是否完全保护我的网站免受MySQL注入? - Would prepared statements completely secure my website from MySQL injection? HTML注射在我的网站上 - Html injection in my site 如何使我的测试网站容易受到SQL注入的攻击? - How do I make my test website vulnerable to SQL injection? 如何测试我的网站是否存在基本的 sql 注入漏洞? - How to test my website for basic sql injection vulnerabilities? 有没有办法使用mod_rewrite从我的网站上删除.html和.php代码? - Is there a way, using mod_rewrite, to remove both the .html AND the .php code from my website? 是否可以从访问我的网站中删除 bingbot? - is it possible to remove a bingbot from accessing my website? 如何从数组中删除HTML引号? - How can I remove HTML quotes from my array? 在我的网站上将其他网站生成的XML显示为HTML - Display XML generated from other website on my website as HTML
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM