pbootcms被黑挂马解决办法：

1）替换apps以及core文件,如果本地没有备份保存,那么可以选择升级到最近版本,目前官方也根据这个问题进行了更新处理.

2）修改robots.txt文件添加针对首页问题的拒绝访问规则

# Robots 

Disallow: /admin/*

Disallow: /skin/

Disallow: /template/

Disallow: /static/*

Disallow: /api/*

Disallow: /?*

3) 修改源码,在apps/home/controller/IndexController.php 文件中添加针对首页带参数问题的处理。代码大概在200行以后找到//一级目录这里,在上方添加

    if(SITE_DIR == ''){
                    if(strstr(URL,"?")){
                         _404('您访问的路径错误，请核对后重试！');
                    }
                    //一级目录
                    $this->urlJump($url_rule_type,false);
                } else {
                    //二级目录
                    $this->urlJump($url_rule_type,true);
                }
    //备注:我后面发现个别低版本的好像没有if(SITE_DIR == ''){开头的这里,那么就需要自己主动添加上判断语句才可以

如下:在这里的后方加上else流程,进入主页流程的操作,同时加上urlJump方法(或者升级到最新版本以后再进行修改)

urlJump方法

     //首页跳转并过滤注入字符
        /*
         * @param $type url模式
         * @param $isSecSiteDir 是否为二级目录 boolean
         * */
        private function urlJump($type, $isSecSiteDir){
            $http = is_https() ? 'https://' : 'http://';
            $matches1 = '';
            switch ($type){
                //普通模式
                case 1:
                    $preg1 = '';
                    if($isSecSiteDir === true){
                        if($_SERVER['REQUEST_URI'] == SITE_DIR . '/index.php'){
                            $preg1 = '/^\/.*?\/index.php/';
                        } elseif($_SERVER['REQUEST_URI'] == '/index.php'){
                            $preg1 = '/^\/index.php/';
                        }
                    } else {
                        $preg1 = '/^\/index.php/';
                    }
                    preg_match($preg1,$_SERVER['REQUEST_URI'],$matches1);
                    break;
                //伪静态
                case 2:
                    $preg2 = '';
                    if($isSecSiteDir === true){
                        if($_SERVER['REQUEST_URI'] == SITE_DIR . '/'){
                            $preg2 = '/^\/.*/';
                        } elseif($_SERVER['REQUEST_URI'] == '/'){
                            $preg2 = '/^\/$/';
                        }
                    } else {
                        $preg2 = '/^\/.*/';
                    }
                    preg_match($preg2,$_SERVER['REQUEST_URI'],$matches1);
                    break;
                //兼容模式
                case 3:
                    $preg3 = '';
                    if($isSecSiteDir === true){
                        if(strpos($_SERVER['REQUEST_URI'], SITE_DIR) === 0){
                            $preg3 = '/(^\/.*?\/index.php)|(^\/.*)/';
                        } elseif(strpos($_SERVER['REQUEST_URI'], '/') === 0){
                            $preg3 = '/(^\/index.php)|(^\/)/';
                        }
                    } else {
                        $preg3 = '/(^\/index.php)|(^\/)/';
                    }
                    preg_match($preg3,$_SERVER['REQUEST_URI'],$matches1);
                    break;
            }
            if($matches1[0]){
                if($_SERVER['REQUEST_URI'] == $matches1[0]){
                    $this->getIndexPage();
                } else {
                    header("Location: " . $http . $_SERVER['HTTP_HOST'] . $matches1[0], true, 301);
                }
            } else {
                _404('您访问的页面不存在，请核对后重试！');
            }
        }

通过以上三步基本上就可以杜绝本次批量被挂马的问题,后续就是要加强服务器上的安全验证的问题了.

本文地址：https://www.rezhanwang.com/weihu/2647.html