早上起来就看到江湖谣传:wordpress中有90多个连接能够爆出网站路径,新老版本无一幸免包括wordpress 3.5
比如这些文件:
/wp-settings.php
/wp-admin/admin-functions.php
/wp-admin/menu-header.php
/wp-admin/menu.php
/wp-admin/options-head.php
/wp-admin/upgrade-functions.php
/wp-admin/includes/admin.php
/wp-admin/includes/class-ftp-pure.php
/wp-admin/includes/class-ftp-sockets.php
/wp-admin/includes/class-wp-comments-list-table.php
/wp-admin/includes/class-wp-filesystem-direct.php
/wp-admin/includes/class-wp-filesystem-ftpext.php
/wp-admin/includes/class-wp-filesystem-ssh2.php
/wp-admin/includes/class-wp-links-list-table.php
/wp-admin/includes/class-wp-media-list-table.php
/wp-admin/includes/class-wp-ms-sites-list-table.php
/wp-admin/includes/class-wp-ms-themes-list-table.php
/wp-admin/includes/class-wp-ms-users-list-table.php
/wp-admin/includes/class-wp-plugin-install-list-table.php
/wp-admin/includes/class-wp-plugins-list-table.php
/wp-admin/includes/class-wp-posts-list-table.php
/wp-admin/includes/class-wp-terms-list-table.php
/wp-admin/includes/class-wp-theme-install-list-table.php
/wp-admin/includes/class-wp-themes-list-table.php
/wp-admin/includes/class-wp-users-list-table.php
/wp-admin/includes/continents-cities.php
/wp-admin/includes/dashboard.php
/wp-admin/includes/file.php
/wp-admin/includes/media.php
/wp-admin/includes/menu.php
/wp-admin/includes/misc.php
/wp-admin/includes/ms.php
/wp-admin/includes/nav-menu.php
/wp-admin/includes/plugin-install.php
/wp-admin/includes/plugin.php
/wp-admin/includes/theme-install.php
/wp-admin/includes/update.php
/wp-admin/includes/user.php
/wp-admin/network/menu.php
/wp-admin/user/menu.php
/wp-content/languages/zh_CN.php
/wp-content/plugins/akismet/akismet.php
/wp-content/plugins/akismet/legacy.php
/wp-content/plugins/akismet/widget.php
/wp-includes/admin-bar.php
/wp-includes/author-template.php
/wp-includes/category-template.php
/wp-includes/class-feed.php
/wp-includes/class-snoopy.php
/wp-includes/class-wp-http-ixr-client.php
/wp-includes/class-wp-xmlrpc-server.php
/wp-includes/class.wp-scripts.php
/wp-includes/class.wp-styles.php
/wp-includes/comment-template.php
/wp-includes/default-filters.php
/wp-includes/default-widgets.php
/wp-includes/feed-atom-comments.php
/wp-includes/feed-atom.php
/wp-includes/feed-rdf.php
/wp-includes/feed-rss.php
/wp-includes/feed-rss2-comments.php
/wp-includes/feed-rss2.php
/wp-includes/functions.php
/wp-includes/general-template.php
/wp-includes/kses.php
/wp-includes/media.php
/wp-includes/ms-default-constants.php
/wp-includes/ms-default-filters.php
/wp-includes/ms-functions.php
/wp-includes/ms-settings.php
/wp-includes/nav-menu-template.php
/wp-includes/post-template.php
/wp-includes/post.php
/wp-includes/registration-functions.php
/wp-includes/registration.php
/wp-includes/rss-functions.php
/wp-includes/rss.php
/wp-includes/script-loader.php
/wp-includes/shortcodes.php
/wp-includes/taxonomy.php
/wp-includes/template-loader.php
/wp-includes/theme.php
/wp-includes/update.php
/wp-includes/user.php
/wp-includes/vars.php
/wp-includes/js/tinymce/plugins/spellchecker/config.php
/wp-includes/js/tinymce/plugins/spellchecker/classes/EnchantSpell.php
/wp-includes/js/tinymce/plugins/spellchecker/classes/GoogleSpell.php
/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpell.php
/wp-includes/js/tinymce/plugins/spellchecker/classes/PSpellShell.php
/wp-includes/theme-compat/comments-popup.php
/wp-includes/theme-compat/comments.php
/wp-includes/theme-compat/footer.php
/wp-includes/theme-compat/header.php
/wp-includes/theme-compat/sidebar.php
访问一下,都提示Fatal error、warning什么什么的,然后列出文件的绝对地址。
以为php在没有连接到数据库或者其他情况下会有提示错误,一般错误信息中会包含php脚本当
前的路径信息或者查询的SQL语句等信息,这类信息提供给黑客后,是不安全的,所以一般服务器建议禁止错误提示。
解决方法:关闭PHP的错误报告:display_errors = Off
在PHP.ini这个配置文件中修改,我的VPS用的LNMP,所以PHP配置文件PHP.ini在/usr/local/php/etc/php.ini,找到,并修改里面的这个参数就可以了。
当然,顺便看看log_errors的值,据官方的说法,当这个log_errors设置为On,那么必须指定error_log文件,如果没指定或者指定的文件没有权限写入,那么照样会输出到正常的输出渠道,那么也就使得display_errors 这个指定的Off失效,错误信息还是打印了出来。所以检查将log_errors = Off,能够确保修改成功,不会出现PHP设置文件php.ini中明明已经设置display_errors = Off,但是在运行过程中,网页上还是会出现错误信息的情况。
最后,登陆ssh重启LNMP,命令如下: /root/lnmp restart
什么神器可以爆路径
哈哈,直接浏览文件就可以啊