Infected Files - what to do

时间:2017-10-26 作者:clarence_odbody

一位朋友收到了主机发出的关于受感染文件的通知,并要求我查看。我不懂wordpress或php,所以我对我要找的东西有点迷茫。是网站扫描。txt。我不知道我在看什么,希望有人能给我一些指导,看看这份报告在说什么,我能做些什么来解决问题。谢谢

Scan started at - Fri Oct 13 13:42:53 EDT 2017
/htdocs/wp-admin/edit-comments_ver1.php:    
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-admin/css/colors/midnight/colors-rtl_new.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-admin/css/colors/ectoplasm/colors_indesit.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-admin/css/colors/sunrise/colors.min_backup.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-admin/css/colors/ocean/colors-rtl.min_backup.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-admin/network/site-settings_old.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-admin/maint/repair_old.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-admin/includes/taxonomy_backup.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-admin/js/inline-edit-tax_infoold.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-admin/user/admin_bck_old.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-content/themes/fiore/functions.php: 
LONGDEF.PHP.Spam-Links-009N.UNOFFICIAL FOUND
/htdocs/wp-content/themes/fiore/images/thicklines-2x_noversion.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-content/themes/fiore/js/customizer_new.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/SimplePie/HTTP/Parser_bck_old.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/SimplePie/Content/6f26e1e6_bck_old.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/Text/Diff_ver1.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/js/tinymce/utils/mctabs_bck_old.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/js/tinymce/langs/wp-langs-en_infoold.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/js/tinymce/skins/lightgray/img/trans_backup.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/js/tinymce/plugins/07ab1454_indesit.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/js/tinymce/plugins/hr/plugin.min_backup.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/js/tinymce/plugins/wpgallery/plugin.min_indesit.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND
/htdocs/wp-includes/js/tinymce/plugins/media/plugin_infoold.php: 
JCDEF.Obfus.CreateFunc.BackDoorEval-26.UNOFFICIAL FOUND


----------- SCAN SUMMARY -----------
Infected files: 23 
Time: 238.961 sec (3 m 58 s) 
Scan ended at - Fri Oct 13 13:46:52 EDT 2017

2 个回复
最合适的回答,由SO网友:Frank P. Walentynowicz 整理而成

如果您的网站有良好的完整备份,请从中还原您的网站(推荐)。安装和设置WordFence 插件(在没有备份的情况下)。

如果您没有良好的备份:

立即从此列表中删除所有文件。获取WordPress版本的清晰副本,以及主题的清晰副本。复制整个主题。复制到清理/wp-admin/, 和/wp-includes/. 启动您的网站。安装WordFence 安全插件,激活它,并设置其防火墙。定期扫描以查看问题是否仍然存在,并按照插件的说明进行操作。

第三种选择:如果您觉得不舒服,请自己执行上述步骤,向安全专家寻求帮助。

SO网友:Md. Amanur Rahman

只需使用FTP或文件管理器删除这些受感染的文件。。然后登录到wp admin并添加WordFence安全WordPress插件。然后定期监控现场健康状况

结束
标签: security   小码农  

相关推荐

Contact Form Security

在Wordpress中构建我自己的联系人表单。除了典型的电子邮件etc验证和可能的验证码之外,我还需要考虑任何其他安全步骤。我没有向数据库发送任何数据。