{"id":1373,"date":"2025-12-14T16:45:52","date_gmt":"2025-12-14T08:45:52","guid":{"rendered":"http:\/\/www.preluna.xyz\/?p=1373"},"modified":"2026-01-01T15:06:03","modified_gmt":"2026-01-01T07:06:03","slug":"%e5%89%8d%e7%ab%af%e6%96%87%e4%bb%b6%e6%8f%90%e4%ba%a4%e7%9a%84%e5%ae%89%e5%85%a8%e9%98%b2%e6%8a%a4","status":"publish","type":"post","link":"http:\/\/www.preluna.xyz\/index.php\/2025\/12\/14\/%e5%89%8d%e7%ab%af%e6%96%87%e4%bb%b6%e6%8f%90%e4%ba%a4%e7%9a%84%e5%ae%89%e5%85%a8%e9%98%b2%e6%8a%a4\/preluna\/text\/","title":{"rendered":"\u524d\u7aef\u6587\u4ef6\u63d0\u4ea4\u7684\u5b89\u5168\u9632\u62a4"},"content":{"rendered":"\n

\u6743\u9650\u7ba1\u7406<\/strong>\u3002\u7406\u89e3\u5e76\u914d\u7f6e\u597d\u5b83\uff0c\u662f\u4fdd\u8bc1\u7f51\u7ad9\u5b89\u5168\u3001\u6709\u5e8f\u8fd0\u884c\u7684\u57fa\u77f3\u3002\u6211\u4eec\u53ef\u4ee5\u5c06\u5176\u62c6\u89e3\u4e3a\u201c\u7406\u89e3\u9ed8\u8ba4\u89d2\u8272<\/strong>\u201d\u548c\u201c\u8fdb\u884c\u6743\u9650\u914d\u7f6e<\/strong>\u201d\u4e24\u90e8\u5206\u3002\u4e3a\u4e86\u8ba9\u6574\u4e2a\u6743\u9650\u4f53\u7cfb\u4e00\u76ee\u4e86\u7136\uff0c\u6211\u4eec\u5148\u901a\u8fc7\u4e00\u5f20\u56fe\u6765\u6982\u89c8WordPress\u6838\u5fc3\u7528\u6237\u89d2\u8272\u7684\u201c\u6743\u529b\u9636\u68af\u201d\u53ca\u5176\u5728\u6295\u7a3f\u7cfb\u7edf\u4e2d\u7684\u5173\u952e\u6743\u9650\uff1a<\/p>\n\n\n\n

\"\"<\/div><\/figure>\n\n\n\n

\u4e0a\u56fe\u5c55\u793a\u4e86\u4ece\u4f4e\u5230\u9ad8\u7684\u89d2\u8272\u6743\u9650\u3002\u5bf9\u4e8e\u6784\u5efa\u7684\u201c\u524d\u7aef\u6295\u7a3f-\u540e\u53f0\u5ba1\u6838<\/strong>\u201d\u7cfb\u7edf\uff0c\u6295\u7a3f\u8005 (Contributor)<\/strong> \u548c\u8ba2\u9605\u8005 (Subscriber)<\/strong> \u662f\u6700\u76f8\u5173\u7684\u4e24\u4e2a\u89d2\u8272\u3002<\/p>\n\n\n\n

\u6743\u9650\u9694\u79bb<\/strong><\/h2>\n\n\n\n

\u66b4\u9732\u4e86\u670d\u52a1\u5668\u6587\u4ef6\u8def\u5f84\u662f\u4e00\u4e2a\u4e25\u91cd\u7684\u5b89\u5168\u9690\u60a3<\/strong>\u3002\u8fd9\u901a\u5e38\u610f\u5473\u7740\u4e0a\u4f20\u7684\u6587\u4ef6\u88ab\u76f4\u63a5\u94fe\u63a5\u5230\u4e86\u670d\u52a1\u5668\u7684\u7edd\u5bf9\u8def\u5f84<\/strong>\uff08\u4f8b\u5982 http:\/\/\u4f60\u7684\u7f51\u7ad9.com\/wp-content\/uploads\/...<\/code>\uff09\uff0c\u8fd9\u4f1a\u8ba9\u6280\u672f\u578b\u7528\u6237\u7aa5\u63a2\u5230\u4f60\u7f51\u7ad9\u7684\u90e8\u5206\u76ee\u5f55\u7ed3\u6784\u3002<\/p>\n\n\n\n

\u95ee\u9898\u7684\u6839\u6e90\u5728\u4e8e \u201c\u5bf9\u4e0a\u4f20\u6587\u4ef6\u7684\u8bbf\u95ee\u63a7\u5236\u4e0d\u591f\u4e25\u683c\u201d<\/strong> \u3002\u6211\u4eec\u9700\u8981\u5efa\u7acb\u4e24\u5c42\u9632\u62a4\uff1a<\/p>\n\n\n\n

    \n
  1. \u7b2c\u4e00\u5c42\uff1a\u9690\u85cf\u8def\u5f84<\/strong> \u2013 \u786e\u4fdd\u524d\u7aef\u4e0d\u76f4\u63a5\u663e\u793a\u670d\u52a1\u5668\u7269\u7406\u8def\u5f84\u3002<\/li>\n\n\n\n
  2. \u7b2c\u4e8c\u5c42\uff1a\u8bbf\u95ee\u62e6\u622a<\/strong> \u2013 \u5373\u4f7f\u6709\u4eba\u731c\u5230\u4e86\u6587\u4ef6\u8def\u5f84\uff0c\u4e5f\u65e0\u6cd5\u76f4\u63a5\u901a\u8fc7\u6d4f\u89c8\u5668\u8bbf\u95ee\uff0c\u5fc5\u987b\u7ecf\u8fc7\u7f51\u7ad9\u7a0b\u5e8f\uff08\u548c\u6743\u9650\u68c0\u67e5\uff09\u3002<\/li>\n<\/ol>\n\n\n\n

     \u52a0\u56fa\u6b65\u9aa4\u4e00\uff1a\u914d\u7f6eFlamingo\u63d2\u4ef6\uff08\u9690\u85cf\u8def\u5f84\uff09<\/h3>\n\n\n\n

    \u6211\u4eec\u7684\u76ee\u6807\u662f\u8ba9Flamingo\u540e\u53f0\u53ea\u663e\u793a\u7528\u4e8e\u7ba1\u7406\u7684\u6587\u4ef6\u94fe\u63a5\uff0c\u800c\u4e0d\u66b4\u9732\u5177\u4f53\u8def\u5f84\u3002<\/p>\n\n\n\n

      \n
    1. \u8fdb\u5165Flamingo\u8bbe\u7f6e<\/strong>\uff1a\u5728WordPress\u540e\u53f0\uff0c\u8fdb\u5165 Flamingo \u2192 \u8bbe\u7f6e<\/strong>\u3002<\/li>\n\n\n\n
    2. \u68c0\u67e5\u201c\u6587\u4ef6\u4e0a\u4f20\u201d\u8bbe\u7f6e<\/strong>\uff1a\u627e\u5230\u4e0e\u201c\u6587\u4ef6\u4e0a\u4f20\u201d\u6216\u201c\u9644\u4ef6\u94fe\u63a5\u201d\u76f8\u5173\u7684\u9009\u9879\u3002<\/li>\n\n\n\n
    3. \u4fee\u6539\u94fe\u63a5\u7c7b\u578b\uff08\u5173\u952e\uff09<\/strong>\uff1a\u5982\u679c\u5b58\u5728\u76f8\u5173\u9009\u9879\uff0c\u5c1d\u8bd5\u5c06\u6587\u4ef6\u94fe\u63a5\u7684\u663e\u793a\u65b9\u5f0f\u4ece \u201c\u7edd\u5bf9URL\u201d<\/strong> \u6216 \u201c\u6587\u4ef6\u8def\u5f84\u201d<\/strong> \u6539\u4e3a \u201c\u76f8\u5bf9URL\u201d<\/strong> \u6216\u4ec5\u663e\u793a\u6587\u4ef6\u540d\u3002\u4e0d\u540c\u7248\u672c\u7684\u63d2\u4ef6\u8bbe\u7f6e\u53ef\u80fd\u4e0d\u540c\uff0c\u5982\u679c\u627e\u4e0d\u5230\uff0c\u8fd9\u4e00\u6b65\u53ef\u4ee5\u6682\u65f6\u8df3\u8fc7\uff0c\u6211\u4eec\u901a\u8fc7\u7b2c\u4e8c\u6b65\u4ece\u6839\u672c\u4e0a\u89e3\u51b3\u3002<\/li>\n<\/ol>\n\n\n\n

       \u52a0\u56fa\u6b65\u9aa4\u4e8c\uff1a\u4fdd\u62a4\u4e0a\u4f20\u76ee\u5f55\uff08\u6839\u672c\u6027\u89e3\u51b3\uff09<\/h3>\n\n\n\n

      \u8fd9\u662f\u6700\u6709\u6548\u7684\u4e00\u6b65\uff0c\u901a\u8fc7\u670d\u52a1\u5668\u89c4\u5219\u7981\u6b62\u76f4\u63a5\u8bbf\u95ee<\/strong>\u5b58\u653e\u6295\u7a3f\u6587\u4ef6\u7684\u76ee\u5f55\uff0c\u53ea\u5141\u8bb8WordPress\u7a0b\u5e8f\u672c\u8eab\uff08\u7ecf\u8fc7\u6743\u9650\u9a8c\u8bc1\u540e\uff09\u8bfb\u53d6\u6587\u4ef6\u3002<\/p>\n\n\n\n

        \n
      1. \u627e\u5230\u4e0a\u4f20\u76ee\u5f55\u8def\u5f84<\/strong>\uff1a\u4f7f\u7528FTP\u5de5\u5177\u6216\u4e3b\u673a\u5546\u7684\u6587\u4ef6\u7ba1\u7406\u5668\uff0c\u8fdb\u5165\u4f60\u7f51\u7ad9\u7684 wp-content\/uploads\/<\/code> \u76ee\u5f55\u3002<\/li>\n\n\n\n
      2. \u521b\u5efa\u4fdd\u62a4\u6587\u4ef6<\/strong>\uff1a\u5728\u8be5\u76ee\u5f55\u4e0b\uff0c\u68c0\u67e5\u5e76\u521b\u5efa\u4e00\u4e2a\u540d\u4e3a .htaccess<\/code><\/strong> \u7684\u6587\u4ef6\uff08\u5982\u679c\u5df2\u5b58\u5728\uff0c\u5219\u7f16\u8f91\u5b83\uff09\u3002<\/li>\n\n\n\n
      3. \u6dfb\u52a0\u5b89\u5168\u89c4\u5219<\/strong>\uff1a\u5728 .htaccess<\/code> \u6587\u4ef6\u4e2d\uff0c\u52a0\u5165\u4ee5\u4e0b\u6838\u5fc3\u4ee3\u7801\uff1a<\/li>\n<\/ol>\n\n\n\n
        # \u963b\u6b62\u76f4\u63a5\u8bbf\u95ee\u654f\u611f\u6587\u4ef6\u7c7b\u578b\uff0c\u5e76\u7981\u6b62\u76ee\u5f55\u5217\u8868\n<FilesMatch \"\\.(php|html?|js|css|log|txt)$\">\n    Order Allow,Deny\n    Deny from all\n<\/FilesMatch>\n\n# \u5982\u679c\u4e0a\u9762\u89c4\u5219\u5bfc\u81f4\u4f60\u7684\u56fe\u7247\u4e5f\u65e0\u6cd5\u8bbf\u95ee\uff0c\u53ef\u4ee5\u4f7f\u7528\u66f4\u5b89\u5168\u7684\u89c4\u5219\uff1a\n# \u4ec5\u5141\u8bb8\u901a\u8fc7WordPress\uff08\u5373\u4f60\u7684\u57df\u540d\uff09\u6765\u8bbf\u95ee\u56fe\u7247\u7b49\u5a92\u4f53\u6587\u4ef6\nRewriteCond %{REQUEST_FILENAME} -f\nRewriteCond %{REQUEST_URI} \\.(jpg|jpeg|png|gif|pdf|doc|docx)$ [NC]\nRewriteCond %{HTTP_REFERER} !^https?:\/\/(www\\.)?\u4f60\u7684\u7f51\u7ad9\u57df\u540d\\.com\/ [NC]\nRewriteRule \\.(jpg|jpeg|png|gif|pdf|doc|docx)$ - [NC,F,L]\n\n# \u59cb\u7ec8\u7981\u6b62\u76ee\u5f55\u6d4f\u89c8\nOptions -Indexes<\/code><\/pre>\n\n\n\n
        \u6ce8\u610f<\/strong>\uff1a\u8bf7\u5c06\u4ee3\u7801\u4e2d\u7684 \u4f60\u7684\u7f51\u7ad9\u57df\u540d.com<\/code> \u66ff\u6362\u4e3a\u4f60\u81ea\u5df1\u7684\u5b9e\u9645\u57df\u540d\uff08\u4e0d\u542b http:\/\/<\/code>\uff09\u3002\u8fd9\u6761\u89c4\u5219\u7684\u610f\u601d\u662f\uff1a\u5982\u679c\u8bf7\u6c42\u4e00\u4e2a\u56fe\u7247\/\u6587\u6863\uff0c\u4f46\u6765\u6e90\u4e0d\u662f\u4f60\u7684\u7f51\u7ad9\uff0c\u5219\u76f4\u63a5\u7981\u6b62\u8bbf\u95ee(403 Forbidden)\u3002<\/p>\n\n\n\n
        \u52a0\u56fa\u6b65\u9aa4\u4e09\uff1a\u7ec8\u6781\u65b9\u6848\u2014\u2014\u81ea\u5b9a\u4e49\u6587\u4ef6\u4e0a\u4f20\u4f4d\u7f6e\uff08\u8fdb\u9636\uff09
        \u5982\u679c\u4e0a\u8ff0\u65b9\u6cd5\u4ecd\u4e0d\u653e\u5fc3\uff0c\u53ef\u4ee5\uff0c\u5c06\u6295\u7a3f\u6587\u4ef6\u5b58\u653e\u5230Web\u6839\u76ee\u5f55\u4e4b\u5916\u3002<\/h3>\n\n\n\n
        \u539f\u7406\uff1a\u5728\u670d\u52a1\u5668\u4e0a\u521b\u5efa\u4e00\u4e2a \/home\/\u4f60\u7684\u8d26\u6237\/private_uploads\/ \u8fd9\u7c7b\u5b8c\u5168\u4e0d\u5728\u7f51\u7ad9\u516c\u5f00\u8bbf\u95ee\u8303\u56f4\u5185\u7684\u76ee\u5f55\u3002<\/p>\n\n\n\n
        \u64cd\u4f5c\uff1a\u8fd9\u901a\u5e38\u9700\u8981\u4fee\u6539CF7\u6216\u4f7f\u7528\u9ad8\u7ea7\u63d2\u4ef6\u6765\u91cd\u5b9a\u4e49\u4e0a\u4f20\u8def\u5f84\uff0c\u5e76\u7f16\u5199\u4ee3\u7801\u901a\u8fc7\u4e00\u4e2a\u201c\u6587\u4ef6\u4ee3\u7406\u201d\u811a\u672c\uff08\u9700\u9a8c\u8bc1\u7ba1\u7406\u5458\u6743\u9650\uff09\u6765\u8bfb\u53d6\u6587\u4ef6\u3002\u6b64\u6b65\u9aa4\u6d89\u53ca\u4ee3\u7801\u5f00\u53d1\uff0c\u8f83\u4e3a\u590d\u6742\uff0c\u9664\u975e\u6709\u6781\u9ad8\u5b89\u5168\u8981\u6c42\uff0c\u5426\u5219\u5b8c\u6210\u7b2c\u4e8c\u6b65\u901a\u5e38\u5df2\u8db3\u591f\u5b89\u5168\u3002<\/p>\n\n\n\n
        \u6743\u9650\u9694\u79bb\u68c0\u67e5\u6e05\u5355<\/h3>\n\n\n\n
        \u4e3a\u4e86\u786e\u4fdd\u5f7b\u5e95\u7684\u9694\u79bb\uff0c\u8bf7\u5bf9\u7167\u6b64\u6e05\u5355\u68c0\u67e5\u7f51\u7ad9\uff1a<\/p>\n\n\n\n
        \u68c0\u67e5\u9879\u76ee<\/th>\u76ee\u6807\u72b6\u6001\uff08\u9488\u5bf9\u975e\u7ba1\u7406\u5458\uff09<\/th>\u5982\u4f55\u68c0\u67e5\/\u8bbe\u7f6e<\/th><\/tr><\/thead>
        1. \u540e\u53f0\u8bbf\u95ee<\/strong><\/td>\u5b8c\u5168\u65e0\u6cd5\u8fdb\u5165<\/strong> \/wp-admin<\/code><\/td>\u7528\u6237\u63d2\u4ef6\uff08\u5982WPCOM Member\uff09\u5e94\u5df2\u5c06\u9ed8\u8ba4\u767b\u5f55\u540e\u8df3\u8f6c\u9875\u9762\u8bbe\u4e3a\u201c\u524d\u7aef\u7528\u6237\u4e2d\u5fc3\u201d\uff0c\u800c\u975e\u540e\u53f0\u4eea\u8868\u76d8\u3002<\/td><\/tr>
        2. \u524d\u7aef\u8868\u5355\u53ef\u89c1\u6027<\/strong><\/td>\u4ec5\u767b\u5f55\u540e\u53ef\u89c1<\/strong><\/td>\u786e\u8ba4\u6295\u7a3f\u9875\u9762\u4f7f\u7528\u4e86 [loggedin]<\/code> \u7b49\u77ed\u4ee3\u7801\u5305\u88f9\u3002<\/td><\/tr>
        3. \u5a92\u4f53\u5e93\u8bbf\u95ee<\/strong><\/td>\u4e0d\u53ef\u89c1\uff0c\u4e0d\u53ef\u7528<\/strong><\/td>\u9ed8\u8ba4\u201c\u6295\u7a3f\u8005\u201d\u89d2\u8272\u65e0\u201c\u4e0a\u4f20\u6587\u4ef6\u201d\u6743\u9650\uff0c\u8fd9\u5df2\u7531\u89d2\u8272\u63a7\u5236\u3002<\/td><\/tr>
        4. \u6587\u4ef6\u8def\u5f84\u66b4\u9732<\/strong><\/td>\u7edd\u5bf9\u8def\u5f84\u88ab\u9690\u85cf<\/strong><\/td>\u6309\u4e0a\u6587\u6b65\u9aa4\u4e8c\u64cd\u4f5c\uff0c\u4fdd\u62a4\u4e0a\u4f20\u76ee\u5f55\u3002<\/td><\/tr>
        5. \u76f4\u63a5\u6587\u4ef6\u8bbf\u95ee<\/strong><\/td>\u88ab\u670d\u52a1\u5668\u89c4\u5219\u62e6\u622a<\/strong><\/td>\u901a\u8fc7 .htaccess<\/code> \u89c4\u5219\u5b9e\u73b0\uff0c\u540c\u4e0a\u3002<\/td><\/tr>
        6. \u89d2\u8272\u664b\u5347<\/strong><\/td>\u4e25\u683c\u63a7\u5236<\/strong><\/td>\u7edd\u4e0d\u5c06\u666e\u901a\u7528\u6237\u63d0\u5347\u4e3a\u201c\u7f16\u8f91\u201d\u6216\u201c\u7ba1\u7406\u5458\u201d\u3002<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
         \u6587\u4ef6\u4e0a\u4f20\u5230\u54ea\u91cc\u53bb\u4e86\uff1f\uff08\u5b58\u50a8\u4f4d\u7f6e\uff09<\/h2>\n\n\n\n
        \u6587\u4ef6\u4e0a\u4f20\u7684\u5b58\u50a8\u4f4d\u7f6e<\/strong>\u548c\u8bbf\u95ee\u7ba1\u7406<\/strong>\u662f\u4e24\u4e2a\u72ec\u7acb\u4f46\u76f8\u5173\u7684\u95ee\u9898\uff0c\u800cFlamingo\u7684\u201c\u8bbe\u7f6e\u201d\u9009\u9879\u786e\u5b9e\u4e0d\u591f\u76f4\u89c2,\u7531 Contact Form 7 (CF7)<\/strong> \u4e0a\u4f20\u7684\u6587\u4ef6\uff0c\u9ed8\u8ba4\u5b58\u50a8\u5728\u4ee5\u4e0b\u670d\u52a1\u5668\u8def\u5f84\uff1a
        \/wp-content\/uploads\/wpcf7_uploads\/<\/code><\/p>\n\n\n\n
        \u8fd9\u662f\u5982\u4f55\u8fd0\u4f5c\u7684\uff1f<\/strong><\/p>\n\n\n\n
          \n
        1. \u4e34\u65f6\u5b58\u50a8<\/strong>\uff1a\u7528\u6237\u63d0\u4ea4\u8868\u5355\u65f6\uff0c\u6587\u4ef6\u9996\u5148\u4f1a\u4f20\u5230\u8fd9\u4e2a\u76ee\u5f55\uff0c\u6587\u4ef6\u540d\u4f1a\u88ab\u7cfb\u7edf\u81ea\u52a8\u91cd\u547d\u540d<\/strong>\u4e3a\u4e00\u4e32\u968f\u673a\u5b57\u7b26\uff08\u5982 a1b2c3d4e5.pdf<\/code>\uff09\uff0c\u8fd9\u672c\u8eab\u5c31\u9690\u85cf\u4e86\u539f\u59cb\u6587\u4ef6\u540d\u3002<\/li>\n\n\n\n
        2. \u8bb0\u5f55\u94fe\u63a5<\/strong>\uff1aFlamingo<\/strong> \u63d2\u4ef6\u5728\u8bb0\u5f55\u8fd9\u6b21\u63d0\u4ea4\u65f6\uff0c\u4f1a\u5728\u6570\u636e\u5e93\u91cc\u4fdd\u5b58\u4e00\u4e2a\u6307\u5411\u8fd9\u4e2a\u4e34\u65f6\u6587\u4ef6<\/strong>\u7684\u94fe\u63a5\u3002<\/li>\n\n\n\n
        3. \u81ea\u52a8\u6e05\u7406<\/strong>\uff1a\u9ed8\u8ba4\u60c5\u51b5\u4e0b\uff0c\u8fd9\u4e9b\u4e34\u65f6\u4e0a\u4f20\u7684\u6587\u4ef6\u4f1a\u572824\u5c0f\u65f6\u540e\u88ab\u7cfb\u7edf\u81ea\u52a8\u5220\u9664<\/strong>\u3002\u8fd9\u5c31\u662f\u4e3a\u4ec0\u4e48\u5fc5\u987b\u5b89\u88c5Flamingo\u6765\u6c38\u4e45\u4fdd\u5b58\u8bb0\u5f55\u7684\u539f\u56e0\uff0c\u5b83\u4fdd\u5b58\u7684\u662f\u201c\u6587\u4ef6\u66fe\u7ecf\u5728\u6b64\u201d\u7684\u4fe1\u606f<\/strong>\uff0c\u800c\u4e0d\u662f\u6587\u4ef6\u672c\u8eab\u3002<\/li>\n<\/ol>\n\n\n\n
          \u91cd\u8981\u63d0\u793a<\/strong>\uff1a\u5982\u679c\u60f3\u8ba9\u6587\u4ef6\u6c38\u4e45\u4fdd\u5b58\uff0c\u9700\u8981\u5b89\u88c5\u989d\u5916\u7684\u6269\u5c55\u63d2\u4ef6\uff08\u5982 Contact Form 7 File Download<\/strong>\uff09\uff0c\u5b83\u4f1a\u5c06\u6587\u4ef6\u8f6c\u79fb\u5230\u5a92\u4f53\u5e93\u3002\u4f46\u76ee\u524d\u4f60\u7684\u514d\u8d39\u65b9\u6848\u4e2d\uff0cFlamingo + \u90ae\u4ef6\u901a\u77e5<\/strong>\u5df2\u8db3\u591f\u4f60\u83b7\u53d6\u6587\u4ef6\u3002<\/p>\n\n\n\n
          \u5982\u4f55\u5728Flamingo\u4e2d\u7ba1\u7406\u6587\u4ef6\uff1f\uff08\u9632\u6b62\u66b4\u9732\uff09<\/h3>\n\n\n\n
          Flamingo\u672c\u8eab\u6ca1\u6709\u590d\u6742\u7684\u201c\u6587\u4ef6\u4e0a\u4f20\u201d\u8bbe\u7f6e\u9875\u9762<\/strong>\u3002\u5b83\u7684\u6838\u5fc3\u662f\u8bb0\u5f55\u6570\u636e\u3002\u4f60\u771f\u6b63\u9700\u8981\u505a\u7684\u5b89\u5168\u52a0\u56fa\uff0c\u662f\u5728\u670d\u52a1\u5668\u5c42\u9762<\/strong>\u963b\u6b62\u5bf9\u8fd9\u4e2a\u4e0a\u4f20\u76ee\u5f55\u7684\u76f4\u63a5\u8bbf\u95ee\u3002<\/p>\n\n\n\n
          \u64cd\u4f5c\u8def\u5f84\u5982\u4e0b\uff1a<\/strong><\/p>\n\n\n\n
            \n
          1. \u627e\u5230\u76ee\u5f55<\/strong>\uff1a\u4f7f\u7528\u4f60\u7684\u4e3b\u673a\u63a7\u5236\u9762\u677f\uff08\u5982cPanel\uff09\u7684\u201c\u6587\u4ef6\u7ba1\u7406\u5668\u201d\uff0c\u6216FTP\u5de5\u5177\uff08\u5982FileZilla\uff09\uff0c\u8fde\u63a5\u5230\u4f60\u7684\u7f51\u7ad9\u3002<\/li>\n\n\n\n
          2. \u5bfc\u822a\u5230\u8def\u5f84<\/strong>\uff1a\u4f9d\u6b21\u6253\u5f00 wp-content<\/code> \u2192 uploads<\/code> \u6587\u4ef6\u5939\u3002<\/li>\n\n\n\n
          3. \u786e\u8ba4\u5b50\u76ee\u5f55<\/strong>\uff1a\u67e5\u770b\u91cc\u9762\u662f\u5426\u6709 wpcf7_uploads<\/code> \u6587\u4ef6\u5939\u3002\u8fd9\u5c31\u662fCF7\u4e0a\u4f20\u6587\u4ef6\u7684\u786e\u5207\u4f4d\u7f6e\u3002<\/li>\n\n\n\n
          4. \u5b9e\u65bd\u4fdd\u62a4\uff08\u6838\u5fc3\u6b65\u9aa4\uff09<\/strong>\uff1a\u5728\u8be5 wpcf7_uploads<\/code> \u76ee\u5f55\u4e0b\uff0c\u521b\u5efa\u6216\u7f16\u8f91\u4e00\u4e2a\u540d\u4e3a .htaccess<\/code> \u7684\u6587\u4ef6<\/strong>\uff0c\u5e76\u653e\u5165\u6211\u4e4b\u524d\u56de\u590d\u4e2d\u7684\u5b89\u5168\u89c4\u5219\u3002\u8fd9\u4f1a\u963b\u6b62\u4efb\u4f55\u4eba\u901a\u8fc7\u76f4\u63a5\u8f93\u5165\u7f51\u5740\u6765\u8bbf\u95ee\u91cc\u9762\u7684\u6587\u4ef6\u3002<\/li>\n<\/ol>\n\n\n\n
            \u7b80\u5355\u6765\u8bf4\uff0c\u6574\u4e2a\u6d41\u7a0b\u7684\u5b89\u5168\u903b\u8f91\u662f\u8fd9\u6837\u7684\uff1a<\/p>\n\n\n\n
            \u6b65\u9aa4<\/th>\u53d1\u751f\u4e86\u4ec0\u4e48<\/th>\u5b89\u5168\u72b6\u6001<\/th>\u4f60\u7684\u63a7\u5236\u70b9<\/th><\/tr><\/thead>
            1. \u7528\u6237\u63d0\u4ea4<\/strong><\/td>\u6587\u4ef6\u4e0a\u4f20\u5230 \/wpcf7_uploads\/<\/code>\uff0c\u88ab\u91cd\u547d\u540d\u3002<\/td>\u4e34\u65f6\u3001\u968f\u673a\u5316<\/strong><\/td>\u901a\u8fc7CF7\u8868\u5355\u9650\u5236\u6587\u4ef6\u7c7b\u578b\u548c\u5927\u5c0f\u3002<\/td><\/tr>
            2. \u6570\u636e\u8bb0\u5f55<\/strong><\/td>\u6587\u4ef6\u4e0a\u4f20Flamingo\u5728\u540e\u53f0\u8bb0\u5f55\u4e0b\u8fd9\u6b21\u63d0\u4ea4\u548c\u6587\u4ef6\u94fe\u63a5<\/strong>\u3002<\/td>\u94fe\u63a5\u88ab\u8bb0\u5f55\uff0c\u4f46\u6587\u4ef6\u4ecd\u662f\u4e34\u65f6\u7684<\/strong><\/td>\u53ea\u6709\u767b\u5f55WordPress\u540e\u53f0\u624d\u80fd\u770b\u5230Flamingo\u8bb0\u5f55\u3002<\/td><\/tr>
            3. \u4f60\u5ba1\u6838<\/strong><\/td>\u4f60\u767b\u5f55\u540e\u53f0\uff0c\u5728Flamingo\u4e2d\u70b9\u51fb\u8be5\u6587\u4ef6\u94fe\u63a5\u8fdb\u884c\u4e0b\u8f7d\u548c\u5ba1\u6838\u3002<\/td>\u901a\u8fc7\u540e\u53f0\u6743\u9650\u9a8c\u8bc1\u540e\u7684\u5b89\u5168\u8bbf\u95ee<\/strong><\/td>\u4f60\u662f\u7ba1\u7406\u5458\uff0c\u8fd9\u662f\u5408\u89c4\u7684\u8bbf\u95ee\u9014\u5f84\u3002<\/td><\/tr>
            4. \u6587\u4ef6\u6e05\u7406<\/strong><\/td>24\u5c0f\u65f6\u540e\uff0c\u670d\u52a1\u5668\u4e0a\u7684\u4e34\u65f6\u6587\u4ef6\u88ab\u81ea\u52a8\u5220\u9664\u3002<\/td>\u5f7b\u5e95\u6e05\u7406<\/strong><\/td>\u5982\u679c\u6587\u4ef6\u91cd\u8981\uff0c\u4f60\u5e94\u5728\u6b64\u4e4b\u524d\u5c06\u5176\u4fdd\u5b58\u5230\u672c\u5730\u3002<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
            \u6240\u4ee5\uff0c\u627e\u4e0d\u5230Flamingo\u7684\u201c\u6587\u4ef6\u4e0a\u4f20\u8bbe\u7f6e\u201d\u662f\u6b63\u5e38\u7684<\/strong>\uff0c\u56e0\u4e3a\u6587\u4ef6\u7ba1\u7406\u4e3b\u8981\u5728\u670d\u52a1\u5668\u7aef\u3002\u73b0\u5728\u6700\u6709\u6548\u3001\u6700\u76f4\u63a5\u7684\u5b89\u5168\u52a0\u56fa\u52a8\u4f5c\u662f\uff1a\u53bb\u4f60\u7684\u7f51\u7ad9\u670d\u52a1\u5668\u4e0a\uff0c\u627e\u5230 \/wp-content\/uploads\/wpcf7_uploads\/<\/code> \u8fd9\u4e2a\u76ee\u5f55\uff0c\u7136\u540e\u6309\u7167\u4e0a\u6587\u4e2d\u7684\u3010\u52a0\u56fa\u6b65\u9aa4\u4e8c\u3011\uff0c\u521b\u5efa\u6216\u4fee\u6539 .htaccess<\/code> \u6587\u4ef6\u3002<\/strong>\u8fd9\u6837\u4e00\u6765\uff0c\u5373\u4f7f\u6709\u4eba\u4eceFlamingo\u7684\u8bb0\u5f55\u91cc\u770b\u5230\u4e86\u6587\u4ef6\u94fe\u63a5\uff0c\u6216\u8005\u8bd5\u56fe\u731c\u6d4b\u6587\u4ef6\u8def\u5f84\uff0c\u670d\u52a1\u5668\u4e5f\u4f1a\u62d2\u7edd\u4ed6\u7684\u76f4\u63a5\u8bbf\u95ee\u8bf7\u6c42\uff0c\u53ea\u6709\u4f60\u901a\u8fc7\u540e\u53f0\u624d\u80fd\u6b63\u5e38\u67e5\u770b\u3002\u8fd9\u624d\u662f\u5b9e\u73b0\u201c\u53ea\u6709\u7ba1\u7406\u5458\u80fd\u8bbf\u95ee\u201d\u7684\u6839\u672c\u65b9\u6cd5\u3002<\/p>\n\n\n\n
            \u5f53\u7136\u5f53\u524d\u4ec5\u9760 .htaccess<\/code> \u8fdb\u884c\u540e\u671f\u62e6\u622a\u662f\u88ab\u52a8\u9632\u5fa1<\/strong>,\u662f\u4e0d\u8db3\u4ee5\u5b9e\u73b0\u57fa\u7840\u7684\u5b89\u5168\u9632\u62a4\uff0c\u4f60\u9700\u8981\u66f4\u52a0\u4e25\u683c\u7684\u89c4\u5219,\u6211\u4eec\u8fd8\u9762\u4e34\u5f88\u591a\u6311\u6218\u3002\u6bd4\u65b9\u8bf4\uff0c\u4ed6\u867d\u7136\u5c06\u6587\u4ef6\u540d\u540e\u7f00\u6539\u7684\u662f\u6b63\u5e38\u7684\uff0c\u4f46\u662f\u5462\uff0c\u5b83\u5229\u7528Burp\u62e6\u622a\u8fd9\u4e2a\u5305\u5728\u8fd9\u4e2a\u5305\u7684\u8bf7\u6c42\u91cc\u9762\uff0c\u5077\u5077\u7684\u4fee\u6539\u4e86\u8fd9\u4e2a\u6587\u4ef6\u540e\u7f00\u8fd9\u6837\u5b50.\u53c8\u6216\u8005\u4ed6\u4e0a\u4f20\u4e86\u4e00\u4e2a\u56fe\u7247.\u4f46\u662f\u4ed6\u8fd9\u4e2a\u56fe\u7247\u5462\u662f\u901a\u8fc7\u56fe\u7247\u52a0\u6728\u9a6c\u5408\u5e76\u7684\u800c\u6210\u7684\u56fe\u7247\u9a6c\u3002\u8981\u4e3b\u52a8\u89e3\u51b3\u8fd9\u4e9b\u95ee\u9898\uff0c\u6211\u4eec\u9700\u8981\u8c03\u6574\u7b56\u7565\uff0c\u5efa\u7acb\u4e00\u5957\u201c\u7eb5\u6df1\u9632\u5fa1\u201d\u7684\u4e3b\u52a8\u5904\u7406\u6d41\u7a0b<\/strong>\uff0c\u6838\u5fc3\u662f \u201c\u9694\u79bb\u3001\u9a8c\u8bc1\u3001\u8f6c\u6362\u201d<\/strong>\u3002\u4e4b\u524d\u7f16\u5199\u7684\u89c4\u5219\u903b\u8f91\u5b58\u5728\u51b2\u7a81\uff08\u524d\u6bb5\u62d2\u7edd\u6240\u6709\u8bbf\u95ee\uff0c\u540e\u6bb5\u53c8\u5c1d\u8bd5\u5141\u8bb8\u7279\u5b9a\u7c7b\u578b\uff09\uff0c\u5e76\u4e14\u65e0\u6cd5\u9632\u5fa1\u56fe\u7247\u9a6c\u3002<\/p>\n\n\n\n
             \u7eb5\u6df1\u9632\u5fa1\uff1a\u4e3b\u52a8\u5904\u7406\u6d41\u7a0b<\/h2>\n\n\n\n
            \u7406\u60f3\u7684\u9632\u5fa1\u6d41\u7a0b\u5e94\u5982\u4e0b\u56fe\u6240\u793a\uff0c\u5728\u6587\u4ef6\u88ab\u63a5\u89e6\u524d\u5c31\u5b8c\u6210\u591a\u91cd\u9a8c\u8bc1\u4e0e\u65e0\u5bb3\u5316\u5904\u7406\uff1a<\/p>\n\n\n
            \n
            \"\"<\/div><\/figure>\n<\/div>\n\n\n
            \u5b9e\u73b0\uff1a\u7ec4\u5408\u4f7f\u7528\u63d2\u4ef6\u4e0e\u81ea\u5b9a\u4e49\u4ee3\u7801<\/h3>\n\n\n\n
            \u7531\u4e8eWordPress\u548cCF7\u7684\u9ed8\u8ba4\u529f\u80fd\u6709\u9650\uff0c\u5b9e\u73b0\u4e0a\u56fe\u6d41\u7a0b\u9700\u8981\u7ed3\u5408\u63d2\u4ef6\u548c\u81ea\u5b9a\u4e49\u4ee3\u7801\u3002<\/p>\n\n\n\n
            \u5b89\u5168\u76ee\u6807<\/th>\u63a8\u8350\u5b9e\u73b0\u65b9\u6848<\/th>\u5177\u4f53\u64cd\u4f5c\u4e0e\u8bf4\u660e<\/th><\/tr><\/thead>
            1. \u7acb\u5373\u91cd\u547d\u540d\u5e76\u79fb\u81f3Web\u6839\u76ee\u5f55\u5916<\/strong><\/td>\u81ea\u5b9a\u4e49\u4ee3\u7801\u4fee\u6539CF7\u4e0a\u4f20\u8def\u5f84<\/strong><\/td>\u8fd9\u662f\u6700\u6839\u672c\u7684\u89e3\u51b3\u65b9\u6848<\/strong>\u3002\u901a\u8fc7\u4e00\u6bb5\u4ee3\u7801\uff0c\u5c06CF7\u4e0a\u4f20\u76ee\u5f55\u6539\u4e3aWeb\u65e0\u6cd5\u76f4\u63a5\u8bbf\u95ee\u7684\u4f4d\u7f6e\uff08\u5982 \/home\/your_user\/private_uploads\/<\/code>\uff09\uff0c\u5e76\u5f3a\u5236\u4f7f\u7528\u968f\u673a\u6587\u4ef6\u540d\u3002\u8fd9\u9700\u8981\u5c06\u4ee3\u7801\u6dfb\u52a0\u5230\u4e3b\u9898\u7684 functions.php<\/code> \u6587\u4ef6\u6216\u81ea\u5b9a\u4e49\u63d2\u4ef6\u4e2d\u3002\uff08\u4ee3\u7801\u793a\u4f8b\u89c1\u4e0b\u6587\uff09<\/strong><\/td><\/tr>
            2. \u9a8c\u8bc1\u6587\u4ef6\u771f\u5b9e\u7c7b\u578b\uff08\u9632\u4f2a\u6269\u5c55\u540d\uff09<\/strong><\/td>\u670d\u52a1\u5668\u7aefMIME\u7c7b\u578b\u68c0\u67e5<\/strong><\/td>\u5728\u4e0a\u9762\u7684\u81ea\u5b9a\u4e49\u4ee3\u7801\u4e2d\uff0c\u6574\u5408PHP\u7684 finfo_file()<\/code> \u51fd\u6570\uff0c\u901a\u8fc7\u8bfb\u53d6\u6587\u4ef6\u5934\u90e8\u4e8c\u8fdb\u5236\u7b7e\u540d<\/strong>\u6765\u5224\u65ad\u771f\u5b9e\u7c7b\u578b\uff0c\u4e0e\u6587\u4ef6\u540e\u7f00\u540d\u8fdb\u884c\u6bd4\u5bf9\uff0c\u4e25\u683c\u62d2\u7edd\u4e0d\u4e00\u81f4\u7684\u6587\u4ef6\u3002<\/td><\/tr>
            3. \u5904\u7406\u56fe\u7247\u9a6c\uff08\u7834\u574f\u5d4c\u5165\u4ee3\u7801\uff09<\/strong><\/td>\u5bf9\u56fe\u7247\u8fdb\u884c\u201c\u518d\u5904\u7406\u201d<\/strong><\/td>\u4f7f\u7528PHP\u7684GD\u5e93\u6216Imagick\uff0c\u5bf9\u4e0a\u4f20\u7684\u56fe\u7247\u8fdb\u884c\u7b80\u5355\u7684\u91cd\u65b0\u538b\u7f29\u3001\u7f29\u653e\u6216\u683c\u5f0f\u8f6c\u6362<\/strong>\u3002\u8fd9\u4e2a\u8fc7\u7a0b\u4f1a\u7834\u574f\u56fe\u7247\u50cf\u7d20\u5c42\u4e2d\u53ef\u80fd\u9690\u85cf\u7684\u6076\u610f\u4ee3\u7801\uff0c\u800c\u57fa\u672c\u4e0d\u5f71\u54cd\u9884\u89c8\u3002\u8fd9\u53ef\u4ee5\u6574\u5408\u5230\u4e0a\u8ff0\u4ee3\u7801\u4e2d\uff0c\u4f5c\u4e3a\u5bf9\u56fe\u7247\u6587\u4ef6\u7684\u4e13\u95e8\u5904\u7406\u3002<\/td><\/tr>
            4. \u5f3a\u5316\u8bbf\u95ee\u63a7\u5236\uff08.htaccess\uff09<\/strong><\/td>\u4fdd\u62a4\u4e34\u65f6\u76ee\u5f55\uff08\u5982\u679c\u4ecd\u9700\u5b58\u5728\uff09<\/strong><\/td>\u5982\u679c\u4f60\u6682\u65f6\u65e0\u6cd5\u5b9e\u73b0\u65b9\u68481\uff0c\u90a3\u4e48\u81f3\u5c11\u5e94\u4fee\u6b63\u4f60\u7684\u89c4\u5219\uff0c\u5e76\u4fdd\u62a4\u4e34\u65f6\u76ee\u5f55\u3002\u5c06 wpcf7_uploads<\/code> \u76ee\u5f55\u4e0b\u7684 .htaccess<\/code> \u6587\u4ef6\u5185\u5bb9\u7cbe\u7b80\u5e76\u4fee\u6b63\u4e3a\u4ee5\u4e0b\u5185\u5bb9<\/strong>\uff0c\u5b83\u80fd\u66f4\u5b89\u5168\u5730\u62d2\u7edd\u6240\u6709\u8bbf\u95ee\uff1a
            # \u65e0\u6761\u4ef6\u62d2\u7edd\u6240\u6709\u76f4\u63a5\u8bbf\u95ee<\/code>
            Require all denied<\/code><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
            \u6838\u5fc3\u4ee3\u7801\u793a\u4f8b\uff08\u7528\u4e8e functions.php\uff09<\/h3>\n\n\n\n
            \u4ee5\u4e0b\u662f\u4e00\u4e2a\u57fa\u7840\u793a\u4f8b\u4ee3\u7801\u6846\u67b6<\/strong>\uff0c\u5b9e\u73b0\u4e86\u91cd\u547d\u540d\u3001\u8f6c\u79fb\u76ee\u5f55\u548c\u7b80\u5355\u7684MIME\u68c0\u67e5<\/strong>\u3002\u8bf7\u6ce8\u610f\uff0c\u8fd9\u9700\u8981\u5177\u5907\u4e00\u5b9a\u7684\u4ee3\u7801\u7f16\u8f91\u80fd\u529b\uff0c\u5e76\u9700\u8981\u6839\u636e\u4f60\u7684\u670d\u52a1\u5668\u73af\u5883\u8c03\u6574\u8def\u5f84\u3002<\/p>\n\n\n\n
            add_filter( 'wpcf7_upload_dir', 'custom_wpcf7_upload_dir' );\nfunction custom_wpcf7_upload_dir( $dir ) {\n    \/\/ 1. \u5b9a\u4e49\u4e00\u4e2a\u65b0\u7684\u3001Web\u65e0\u6cd5\u8bbf\u95ee\u7684\u7edd\u5bf9\u8def\u5f84\uff08\u8bf7\u4fee\u6539\u4e3a\u4f60\u7684\u5b9e\u9645\u8def\u5f84\uff09\n    $private_dir = '\/home\/\u4f60\u7684\u670d\u52a1\u5668\u7528\u6237\u540d\/private_uploads\/wpcf7_uploads';\n\n    \/\/ 2. \u786e\u4fdd\u8be5\u76ee\u5f55\u5b58\u5728\u4e14\u6709\u5199\u5165\u6743\u9650\n    if ( ! file_exists( $private_dir ) ) {\n        wp_mkdir_p( $private_dir );\n    }\n\n    \/\/ 3. \u8986\u76d6CF7\u9ed8\u8ba4\u8def\u5f84\n    $dir['path']   = $private_dir;\n    $dir['url']    = ''; \/\/ \u7f6e\u7a7aURL\uff0c\u4f7f\u76f4\u63a5\u94fe\u63a5\u5931\u6548\n    $dir['subdir'] = '';\n\n    return $dir;\n}\n\n\/\/ \u53ef\u9009\uff1a\u6dfb\u52a0\u7b80\u5355\u7684\u6587\u4ef6\u5934\u68c0\u67e5\uff08\u57fa\u7840\u793a\u4f8b\uff09\nadd_filter( 'wpcf7_upload_file_name', 'custom_wpcf7_randomize_name', 10, 3 );\nfunction custom_wpcf7_randomize_name( $filename, $file_path ) {\n    \/\/ \u751f\u6210\u968f\u673a\u6587\u4ef6\u540d\u5e76\u4fdd\u7559\u540e\u7f00\n    $ext = pathinfo( $filename, PATHINFO_EXTENSION );\n    $new_filename = uniqid() . '_' . bin2hex( random_bytes( 8 ) ) . '.' . $ext;\n\n    \/\/ \u6b64\u5904\u53ef\u6dfb\u52a0 finfo_file() \u51fd\u6570\u8fdb\u884cMIME\u7c7b\u578b\u68c0\u67e5\n    \/\/ $finfo = finfo_open( FILEINFO_MIME_TYPE );\n    \/\/ $real_mime = finfo_file( $finfo, $file_path );\n\n    return $new_filename;\n}<\/code><\/pre>\n\n\n\n
            \u7b2c\u4e00\u9636\u6bb5\uff1a\u7d27\u6025\u5c01\u5835\uff08\u4fee\u590d .htaccess\uff09<\/h3>\n\n\n\n
            \u5f53\u524d\u9996\u8981\u4efb\u52a1\u662f\u5207\u65ad\u6240\u6709\u5bf9\u4e0a\u4f20\u76ee\u5f55\u7684\u76f4\u63a5\u8bbf\u95ee<\/strong>\u3002\u4f60\u7684\u89c4\u5219\u9700\u8981\u7b80\u5316\uff0c\u907f\u514d\u5185\u90e8\u51b2\u7a81\u3002<\/p>\n\n\n\n
              \n
            1. \u5b9a\u4f4d\u6587\u4ef6<\/strong>\uff1a\u4f7f\u7528\u4e3b\u673a\u5546\u7684\u6587\u4ef6\u7ba1\u7406\u5668\u6216FTP\u5de5\u5177\uff0c\u8fdb\u5165 \/wp-content\/uploads\/wpcf7_uploads\/<\/code> \u76ee\u5f55\u3002<\/li>\n\n\n\n
            2. \u521b\u5efa\/\u7f16\u8f91\u6587\u4ef6<\/strong>\uff1a\u521b\u5efa\u6216\u6e05\u7a7a\u91cc\u9762\u7684 .htaccess<\/code> \u6587\u4ef6\u3002<\/li>\n\n\n\n
            3. \u5199\u5165\u6700\u4e25\u683c\u89c4\u5219<\/strong>\uff1a\u53ea\u4fdd\u7559<\/strong>\u4e0b\u9762\u4e09\u884c\uff08\u9002\u7528\u4e8eApache 2.4+\uff0c\u7edd\u5927\u591a\u6570\u73b0\u4ee3\u4e3b\u673a\u90fd\u652f\u6301\uff09\uff1a<\/li>\n<\/ol>\n\n\n\n
              # \u65e0\u6761\u4ef6\u62d2\u7edd\u6240\u6709\u8bbf\u95ee\uff08\u65e0\u8bba\u6765\u81ea\u54ea\u91cc\uff0c\u65e0\u8bba\u4ec0\u4e48\u6587\u4ef6\u7c7b\u578b\uff09\nRequire all denied\n# \u7981\u6b62\u76ee\u5f55\u5217\u8868\uff08\u53cc\u4fdd\u9669\uff09\nOptions -Indexes\n# BEGIN WordPress\n<IfModule mod_rewrite.c>\nRewriteEngine On\nRewriteCond %{HTTP_HOST} ^preluna\\.xyz [NC]\nRewriteRule ^(.*)$ http:\/\/www.preluna.xyz\/$1 [L,R=301]\nRewriteBase \/\nRewriteRule ^index\\.php$ - [L]\nRewriteCond %{REQUEST_FILENAME} !-f\nRewriteCond %{REQUEST_FILENAME} !-d\nRewriteRule . \/index.php [L]\n<\/IfModule>\n# END WordPress\n\n# \u4ee5\u4e0b\u662f\u65b0\u589e\u7684\u5b89\u5168\u89c4\u5219\uff0c\u5fc5\u987b\u653e\u5728 WordPress \u89c4\u5219\u533a\u5757\u4e4b\u5916\n# 1. \u5b57\u4f53\u6587\u4ef6MIME\u7c7b\u578b\uff08\u4f60\u539f\u6709\u7684\uff0c\u53ef\u4ee5\u4fdd\u7559\uff09\nAddType font\/woff2 .woff2\nAddType font\/woff .woff\nAddType font\/ttf .ttf\nAddType application\/vnd.ms-fontobject .eot\nAddType image\/svg+xml .svg\n\n# 2. \u6838\u5fc3\u5b89\u5168\u89c4\u5219\uff1a\u9632\u6b62\u5c06\u4efb\u4f55\u6587\u4ef6\u5f53\u4f5c\u811a\u672c\u89e3\u6790\n<FilesMatch \"\\.(php|php5|php7|phtml|pl|py|jsp|asp|sh|cgi)$\">\n    # \u65e0\u6761\u4ef6\u62d2\u7edd\u8bbf\u95ee\u4efb\u4f55\u811a\u672c\u6587\u4ef6\n    Require all denied\n<\/FilesMatch>\n\n# 3. \u7279\u522b\u9632\u5fa1\uff1a\u5373\u4f7f\u6709 .php \u540e\u7f00\u7684\u56fe\u7247\u4e5f\u62d2\u7edd\uff08\u9632\u5fa1\u7578\u5f62\u89e3\u6790\uff09\n<FilesMatch \"^.*\\.(php\\.(png|jpg|gif|jpeg))$\">\n    Require all denied\n<\/FilesMatch><\/code><\/pre>\n\n\n\n
              \u4e00\u4e2a\u66f4\u4e25\u8c28\u7684\u517c\u5bb9\u7248\u672c<\/strong><\/p>\n\n\n\n
              \u5f53\u524d\u7684\u7248\u672c\u5728Apache 2.4+\u73af\u5883\u4e0b\u662f\u5b8c\u7f8e\u7684\u3002\u5982\u679c\u5e0c\u671b\u914d\u7f6e\u66f4\u5065\u58ee\uff0c\u80fd\u517c\u5bb9\u53ef\u80fd\u5b58\u5728\u7684\u65e7\u7248Apache\u73af\u5883\uff082.2\uff09\uff0c\u5e76\u66f4\u660e\u786e\u5730\u963b\u6b62\u67d0\u4e9b\u7279\u5b9a\u6587\u4ef6\uff0c\u53ef\u4ee5\u4f7f\u7528\u4ee5\u4e0b\u7248\u672c\uff1a<\/p>\n\n\n\n
              # \u517c\u5bb9Apache 2.2\u4e0e2.4+\u7684\u62d2\u7edd\u8bbf\u95ee\u89c4\u5219\n<IfModule mod_authz_core.c>\n  # Apache 2.4+\n  Require all denied\n<\/IfModule>\n<IfModule !mod_authz_core.c>\n  # Apache 2.2\n  Deny from all\n<\/IfModule>\n\n# \u7981\u6b62\u76ee\u5f55\u5217\u8868\nOptions -Indexes\n\n# \u989d\u5916\u5b89\u5168\uff1a\u660e\u786e\u62d2\u7edd\u6267\u884c\u811a\u672c\uff08\u5373\u4f7f\u88ab\u4ee5\u5176\u4ed6\u65b9\u5f0f\u4e0a\u4f20\uff09\n<FilesMatch \"\\.(php|php5|php7|phtml|pl|py|jsp|asp|sh|cgi)$\">\n  SetHandler None\n  ForceType text\/plain\n<\/FilesMatch><\/code><\/pre>\n\n\n\n
              \u7acb\u523b\u9a8c\u8bc1<\/strong>\uff1a\u6253\u5f00\u6d4f\u89c8\u5668\uff0c\u5c1d\u8bd5\u8bbf\u95ee\u4e00\u4e2a\u5df2\u77e5\u7684\u4e0a\u4f20\u6587\u4ef6\uff0c\u4f8b\u5982 http:\/\/\u4f60\u7684\u7f51\u7ad9.com\/wp-content\/uploads\/wpcf7_uploads\/\u67d0\u4e2a\u6587\u4ef6\u540d<\/code>\uff0c\u5e94\u8be5\u770b\u5230 403 Forbidden\uff08\u7981\u6b62\u8bbf\u95ee\uff09<\/strong> \u9519\u8bef\u9875\u3002\u8fd9\u8bf4\u660e\u7b2c\u4e00\u9053\u5899\u5df2\u7b51\u8d77\u3002<\/p>\n\n\n\n
              \u6838\u5fc3\u63d0\u793a<\/strong>\uff1a\u6b64 .htaccess<\/code> \u89c4\u5219\u662f\u7b2c\u4e00\u5c42\u201c\u7269\u7406\u9694\u79bb\u201d\u3002\u63a5\u4e0b\u6765\uff0c\u8bf7\u52a1\u5fc5\u7ee7\u7eed\u5b9e\u65bd\u7b2c\u4e8c\u9636\u6bb5\u7684\u201c\u6838\u5fc3\u9632\u5fa1\u201d<\/strong> \u2014\u2014\u5c06\u6587\u4ef6\u4e0a\u4f20\u8def\u5f84\u79fb\u51faWeb\u76ee\u5f55\u5e76\u7acb\u5373\u91cd\u547d\u540d\u3002\u5426\u5219\uff0c\u5982\u679c\u653b\u51fb\u8005\u5229\u7528WordPress\u6216\u63d2\u4ef6\u672c\u8eab\u7684\u67d0\u4e2a\u6f0f\u6d1e\u95f4\u63a5\u8c03\u7528<\/strong>\u4e86\u8fd9\u4e9b\u6587\u4ef6\uff0c\u4ec5\u9760 .htaccess<\/code> \u662f\u65e0\u6cd5\u963b\u6b62\u7684\u3002.htaccess<\/code> \u52a0\u4e0a\u6587\u4ef6\u8f6c\u79fb<\/strong>\uff0c\u4e24\u8005\u7ed3\u5408\u624d\u80fd\u6784\u6210\u575a\u56fa\u7684\u9632\u7ebf\u3002<\/p>\n\n\n\n
              \u7b2c\u4e8c\u9636\u6bb5\uff1a\u6838\u5fc3\u9632\u5fa1\uff08\u8f6c\u79fb\u5e76\u91cd\u547d\u540d\u6587\u4ef6\uff09<\/h3>\n\n\n\n
              \u8fd9\u662f\u6cbb\u672c\u4e4b\u7b56\uff0c\u8ba9\u6076\u610f\u6587\u4ef6\u201c\u65e0\u5904\u5b89\u653e\u201d\u4e14\u201c\u9762\u76ee\u5168\u975e\u201d\u3002\u6211\u4eec\u5c06\u901a\u8fc7\u6dfb\u52a0\u4e00\u6bb5\u4ee3\u7801\uff0c\u4fee\u6539CF7\u7684\u4e0a\u4f20\u884c\u4e3a\u3002<\/p>\n\n\n\n
              \n
              \u64cd\u4f5c\u524d\u5fc5\u5907<\/strong>\uff1a\u5907\u4efd\u4f60\u7684\u7f51\u7ad9<\/strong>\uff0c\u7279\u522b\u662f\u5f53\u524d\u4e3b\u9898\u7684 functions.php<\/code> \u6587\u4ef6\u3002<\/p>\n<\/blockquote>\n\n\n\n
                \n
              1. \u767b\u5f55WordPress\u540e\u53f0<\/strong>\uff0c\u8fdb\u5165 \u5916\u89c2 -> \u4e3b\u9898\u6587\u4ef6\u7f16\u8f91\u5668<\/strong>\u3002<\/li>\n\n\n\n
              2. \u5728\u53f3\u4fa7\u627e\u5230 functions.php<\/code><\/strong>\uff0c\u70b9\u51fb\u8fdb\u884c\u7f16\u8f91\u3002<\/li>\n\n\n\n
              3. \u5728\u6587\u4ef6\u672b\u5c3e\u7684 ?><\/code> \u6807\u7b7e\u4e4b\u524d\uff08\u5982\u679c\u6ca1\u6709 ?><\/code>\uff0c\u5c31\u52a0\u5728\u6587\u4ef6\u6700\u540e\uff09\uff0c\u6dfb\u52a0\u4ee5\u4e0b\u4ee3\u7801<\/strong>\uff1a<\/li>\n<\/ol>\n\n\n\n
                \/**\n * \u9632\u5fa1\u52a0\u56fa\u7b2c\u4e00\u6b65\uff1a\u5c06CF7\u4e0a\u4f20\u6587\u4ef6\u79fb\u81f3Web\u65e0\u6cd5\u76f4\u63a5\u8bbf\u95ee\u7684\u76ee\u5f55\uff0c\u5e76\u5f3a\u5236\u91cd\u547d\u540d\n *\/\nadd_filter( 'wpcf7_upload_dir', 'custom_wpcf7_upload_dir' );\nfunction custom_wpcf7_upload_dir() {\n    \/\/ \u3010\u5173\u952e\u4fee\u6539\u3011\u5b9a\u4e49\u4e00\u4e2a\u5728\u7f51\u7ad9\u516c\u5f00\u76ee\u5f55\uff08www\u6216public_html\uff09\u4e4b\u5916\u7684\u8def\u5f84\n    \/\/ \u8bf7\u54a8\u8be2\u4f60\u7684\u4e3b\u673a\u5546\u6216\u67e5\u770bFTP\u6839\u76ee\u5f55\uff0c\u786e\u5b9a\u4e00\u4e2a\u50cf\/home\/\u4f60\u7684\u7528\u6237\u540d\/private_uploads\/\u7684\u8def\u5f84\n    \/\/ \u5982\u679c\u6682\u65f6\u4e0d\u786e\u5b9a\uff0c\u53ef\u5148\u7528\u4e00\u4e2a\u66f4\u6df1\u7684Web\u5185\u8def\u5f84\uff0c\u4f8b\u5982\uff1a\n    $private_base = WP_CONTENT_DIR . '\/uploads\/private_wpcf7_uploads'; \/\/ \u4f4d\u4e8ewp-content\u5185\u4f46\u66f4\u6df1\n\n    \/\/ \u786e\u4fdd\u6b64\u76ee\u5f55\u5b58\u5728\n    if ( ! file_exists( $private_base ) ) {\n        wp_mkdir_p( $private_base );\n    }\n\n    \/\/ \u8fd4\u56de\u65b0\u8def\u5f84\uff0c\u5e76\u7f6e\u7a7aURL\u4f7f\u76f4\u63a5\u94fe\u63a5\u5931\u6548\n    return array(\n        'path'   => $private_base,\n        'url'    => '', \/\/ \u7559\u7a7a\uff0c\u4f7f\u4efb\u4f55\u76f4\u63a5\u94fe\u63a5\u5931\u6548\n        'subdir' => '',\n        'error'  => false,\n    );\n}\n\n\/\/ \u4e3a\u4e0a\u4f20\u6587\u4ef6\u5f3a\u5236\u751f\u6210\u968f\u673a\u6587\u4ef6\u540d\nadd_filter( 'wpcf7_upload_file_name', 'custom_wpcf7_randomize_name', 10, 3 );\nfunction custom_wpcf7_randomize_name( $original_filename, $file_path ) {\n    \/\/ \u83b7\u53d6\u539f\u59cb\u6587\u4ef6\u540e\u7f00\n    $ext = pathinfo( $original_filename, PATHINFO_EXTENSION );\n    \/\/ \u751f\u6210\u4e00\u4e2a\u9ad8\u5f3a\u5ea6\u968f\u673a\u6587\u4ef6\u540d\uff08uniqid + \u968f\u673a\u5b57\u8282\uff09\n    $new_filename = sprintf( '%s_%s.%s', uniqid(), bin2hex( random_bytes( 8 ) ), strtolower( $ext ) );\n    return $new_filename;\n}<\/code><\/pre>\n\n\n\n
                \u4fee\u6539\u4ee3\u7801\u4e2d\u7684\u8def\u5f84\uff08\u91cd\u8981\uff01\uff09<\/strong>\uff1a\u627e\u5230 $private_base = ...<\/code> \u8fd9\u4e00\u884c\u3002\u5982\u679c\u4f60\u4e0d\u77e5\u9053\u7edd\u5bf9\u5b89\u5168\u8def\u5f84\uff0c\u6682\u65f6\u5148\u4f7f\u7528\u4ee3\u7801\u4e2d\u7ed9\u51fa\u7684\u9ed8\u8ba4\u8def\u5f84<\/strong>\uff08WP_CONTENT_DIR . '\/uploads\/private_wpcf7_uploads'<\/code>\uff09\u3002\u8fd9\u81f3\u5c11\u80fd\u628a\u6587\u4ef6\u85cf\u5230\u66f4\u6df1\u76ee\u5f55\u3002<\/p>\n\n\n\n
                \u9a8c\u8bc1<\/strong>\uff1a\u63d0\u4ea4\u4e00\u4e2a\u5e26\u6587\u4ef6\u7684\u6d4b\u8bd5\u6295\u7a3f\u3002\u7136\u540e\u901a\u8fc7FTP\u53bb\u67e5\u770b\uff0c\u6587\u4ef6\u662f\u5426\u88ab\u5b58\u5230\u4e86 wp-content\/uploads\/private_wpcf7_uploads\/<\/code> \u76ee\u5f55\u4e0b\uff0c\u5e76\u4e14\u540d\u5b57\u53d8\u6210\u4e86\u4e00\u957f\u4e32\u968f\u673a\u5b57\u7b26\u3002<\/p>\n\n\n\n
                \u7b2c\u4e09\u9636\u6bb5\uff1a\u8fdb\u9636\u52a0\u56fa\uff08\u9a8c\u8bc1\u4e0e\u5904\u7406\uff09<\/h3>\n\n\n\n
                \u5728\u7b2c\u4e8c\u9636\u6bb5\u4ee3\u7801\u7684\u57fa\u7840\u4e0a\uff0c\u6211\u4eec\u53ef\u4ee5\u589e\u52a0\u201c\u6587\u4ef6\u5934\u9a8c\u8bc1\u201d\u548c\u201c\u56fe\u7247\u5904\u7406\u201d\u529f\u80fd\u3002<\/p>\n\n\n\n
                A. \u6dfb\u52a0MIME\u7c7b\u578b\u9a8c\u8bc1\uff08\u9632\u4f2a\u540e\u7f00\uff09<\/strong>
                \u5728\u4e0a\u4e00\u6bb5\u7684 custom_wpcf7_randomize_name<\/code> \u51fd\u6570\u91cc\uff0c$new_filename = ...<\/code> \u8fd9\u884c\u4e4b\u524d\uff0c\u53ef\u4ee5\u52a0\u5165\u68c0\u67e5\uff1a<\/p>\n\n\n\n
                \/\/ \u5728\u751f\u6210\u65b0\u6587\u4ef6\u540d\u524d\uff0c\u68c0\u67e5\u6587\u4ef6\u771f\u5b9e\u7c7b\u578b\n$allowed_mime = array(\n    'image\/jpeg' => 'jpg',\n    'image\/png'  => 'png',\n    'image\/gif'  => 'gif',\n    'application\/pdf' => 'pdf',\n    'application\/msword' => 'doc',\n    'application\/vnd.openxmlformats-officedocument.wordprocessingml.document' => 'docx',\n);\n\/\/ 1. \u83b7\u53d6\u58f0\u79f0\u7684\u6269\u5c55\u540d\n    $claimed_ext = strtolower( pathinfo( $original_filename, PATHINFO_EXTENSION ) );\n    \/\/ \u5982\u679c\u6269\u5c55\u540d\u6839\u672c\u4e0d\u5728\u5141\u8bb8\u5217\u8868\uff0c\u76f4\u63a5\u62d2\u7edd\n    if ( ! array_key_exists( $claimed_ext, $allowed_types ) ) {\n        return ''; \/\/ \u8fd4\u56de\u7a7a\u5b57\u7b26\u4e32\u4f1a\u89e6\u53d1CF7\u4e0a\u4f20\u9519\u8bef\n    }\n\n\/\/ 2. \u83b7\u53d6\u6587\u4ef6\u7684\u771f\u5b9eMIME\u7c7b\u578b\uff08\u8bfb\u53d6\u6587\u4ef6\u5934\u5b57\u8282\u7b7e\u540d\uff09\n$finfo = finfo_open( FILEINFO_MIME_TYPE );\n$real_mime = finfo_file( $finfo, $file_path );\nfinfo_close( $finfo );\n\n\/\/ 3. \u9a8c\u8bc1\u771f\u5b9eMIME\u7c7b\u578b\u662f\u5426\u4e0e\u58f0\u79f0\u7684\u6269\u5c55\u540d\u5339\u914d\n    if ( ! in_array( $real_mime, $allowed_types[ $claimed_ext ] ) ) {\n        \/\/ \u4e0d\u5339\u914d\uff01\u8fd9\u662f\u4e00\u4e2a\u4f2a\u88c5\u7684\u6076\u610f\u6587\u4ef6\n        \/\/ \u53ef\u4ee5\u8bb0\u5f55\u65e5\u5fd7\u6216\u6267\u884c\u5176\u4ed6\u5b89\u5168\u64cd\u4f5c\n        return ''; \/\/ \u62d2\u7edd\u4e0a\u4f20\n    }\n    \/\/ --- \u6821\u9a8c\u901a\u8fc7 ---\n\n    \/\/ \u539f\u903b\u8f91\uff1a\u751f\u6210\u9ad8\u5f3a\u5ea6\u968f\u673a\u6587\u4ef6\u540d\n    $new_filename = sprintf( '%s_%s.%s', uniqid(), bin2hex( random_bytes( 8 ) ), $claimed_ext );\n    return $new_filename;\n}<\/code><\/pre>\n\n\n\n
                B. \u5904\u7406\u56fe\u7247\u9a6c\uff08\u7834\u574f\u5d4c\u5165\u6570\u636e\uff09<\/strong>
                \u8fd9\u9700\u8981\u66f4\u590d\u6742\u7684\u56fe\u50cf\u5904\u7406\u3002\u4e00\u4e2a\u76f8\u5bf9\u7b80\u5355\u7684\u65b9\u6cd5\u662f\u5f3a\u5236\u8f6c\u6362\u56fe\u7247\u683c\u5f0f\u548c\u5c3a\u5bf8<\/strong>\u3002\u6b64\u64cd\u4f5c\u8f83\u590d\u6742\uff0c\u5efa\u8bae\u5728\u5b8c\u6210\u524d\u4e24\u6b65\u5e76\u7a33\u5b9a\u8fd0\u884c\u540e\uff0c\u6838\u5fc3\u601d\u8def\u662f\uff1a\u4f7f\u7528PHP GD\u5e93\u6216Imagick\uff0c\u5c06\u4e0a\u4f20\u7684\u56fe\u7247\u91cd\u65b0\u91c7\u6837\u3001\u7f29\u653e\u3001\u4fdd\u5b58<\/strong>\uff0c\u8fd9\u4e2a\u8fc7\u7a0b\u4f1a\u5265\u79bb\u6240\u6709\u975e\u50cf\u7d20\u6570\u636e\u3002\uff08\u6211\u653e\u5230\u540e\u9762\u518d\u8bb2\uff09<\/p>\n\n\n\n
                \u54ce\uff0c\u90a3\u5047\u8bbe\u6211\u53c8\u6709\u4e00\u4e9b\u65b0\u7684\u653b\u51fb\u624b\u6bb5<\/h2>\n\n\n\n
                \u6bd4\u65b9\u8bf4\u6211\u91c7\u75281.php.png\u7684\u8fd9\u79cd\u5f62\u5f0f\u4e0a\u4f20,\u53c8\u6216\u80051.pphphp.png\u7684\u5f62\u5f0f\u8fd9\u6837\u5b50\u53ef\u4ee5\u7ee7\u7eed\u5e72\u6270\u4e86.\u8fd8\u6709\u4e00\u4e9b\u5728\u4e92\u8054\u7f51\u4e0a\u4e3a\u4e86\u4fdd\u8bc1\u6267\u884c\u548c\u89e3\u6790\u3002\u53ef\u80fd\u5728\u4e0a\u4f20\u7684\u65f6\u5019\u5c31\u76f4\u63a5\u628a\u6587\u4ef6\u540d\u6539\u6210\u90a3\u79cd\u7ecf\u8fc7URL\u7f16\u7801\u4e4b\u540e\u7684\u6587\u4ef6\u540d\u6765\u8fdb\u884c\u7ed5\u8fc7,\u6240\u4ee5\u8bf4\u5c31\u5355\u5355\u89c9\u5f97\u5355\u5355\u8fd9\u6837\u5b50\u8fd8\u662f\u4e0d\u591f\u7684\u3002<\/strong><\/p>\n\n\n\n
                .htaccess\u662f\u57fa\u4e8e\u6587\u4ef6\u540d\u548c\u8def\u5f84\u7684\u201c\u89c4\u5219\u5339\u914d\u201d<\/strong>\uff0c\u800c\u653b\u51fb\u8005\u603b\u662f\u8bd5\u56fe\u6df7\u6dc6\u3001\u5e72\u6270\u6216\u7ed5\u8fc7\u8fd9\u4e9b\u89c4\u5219<\/strong>\u3002.htaccess<\/code> \u662f\u9632\u5fa1\u94fe\u6761\u4e2d\u7684\u91cd\u8981\u4e00\u73af\uff0c\u4f46\u7edd\u975e\u6700\u7ec8\u9632\u7ebf<\/strong>\u3002<\/p>\n\n\n\n
                \"\"<\/div><\/figure>\n\n\n\n
                \u5408\u5e76\u540e\u7684\u914d\u7f6e\u5df2\u7ecf\u6bd4\u4e4b\u524d\u5f3a\u5927\uff0c\u7279\u522b\u662f SetHandler None<\/code> \u548c ForceType text\/plain<\/code> \u8bd5\u56fe\u963b\u6b62\u811a\u672c\u6267\u884c\u3002\u7136\u800c\uff0c\u9762\u5bf9\u6211\u63d0\u51fa\u7684\u653b\u51fb\u624b\u6bb5\uff1a<\/p>\n\n\n\n
                \u653b\u51fb\u624b\u6cd5<\/th>\u73b0\u5728\u7684\u914d\u7f6e\u80fd\u5426\u9632\u5fa1\uff1f<\/th>\u539f\u56e0\u5206\u6790<\/th><\/tr><\/thead>
                1.php.png<\/code> (\u6269\u5c55\u540d\u6df7\u6dc6)<\/strong><\/td>\u57fa\u672c\u53ef\u4ee5<\/strong><\/td><FilesMatch \"\\.(php...)$\"><\/code> \u5339\u914d\u672b\u5c3e<\/strong>\u7684 .php<\/code>\uff0c1.php.png<\/code> \u672b\u5c3e\u662f .png<\/code>\uff0c\u4e0d\u5339\u914d\uff0c\u56e0\u6b64\u6587\u4ef6\u4f1a\u88ab\u5141\u8bb8\u4e0a\u4f20<\/strong>\u3002\u4f46\u8fd9\u672c\u8eab\u4e0d\u4e00\u5b9a\u81f4\u547d\uff0c\u56e0\u4e3a\u670d\u52a1\u5668\u901a\u5e38\u6839\u636e\u6700\u540e\u4e00\u4e2a\u540e\u7f00<\/strong>\uff08.png<\/code>\uff09\u51b3\u5b9aMIME\u7c7b\u578b\uff0c\u4e0d\u4f1a\u6267\u884cPHP\u3002\u4f46\u8fd9\u662f\u5371\u9669\u7684\u5f00\u59cb\u3002<\/td><\/tr>
                1.pphphp<\/code> (\u89e3\u6790\u6df7\u6dc6)<\/strong><\/td>\u53ef\u80fd\u88ab\u7ed5\u8fc7<\/strong><\/td>\u8fd9\u53d6\u51b3\u4e8e\u670d\u52a1\u5668\u7684\u89e3\u6790\u987a\u5e8f<\/strong>\u548c\u9012\u5f52\u5220\u9664<\/strong>\u7b56\u7565\u3002\u6709\u4e9b\u65e7\u7248\u6216\u914d\u7f6e\u4e0d\u5f53\u7684\u670d\u52a1\u5668\u53ef\u80fd\u4f1a\u9012\u5f52\u5220\u9664 .php<\/code> \u90e8\u5206\uff0c\u6700\u7ec8\u5c06 1.pphphp<\/code> \u89e3\u6790\u4e3a 1.php<\/code>\u3002\u4f60\u7684\u89c4\u5219\u4f9d\u8d56\u6269\u5c55\u540d\u5339\u914d\uff0c\u53ef\u80fd\u65e0\u6cd5\u62e6\u622a\u3002<\/td><\/tr>
                URL\u7f16\u7801 (1.ph%70hp<\/code>)<\/strong><\/td>\u5f88\u53ef\u80fd\u5931\u6548<\/strong><\/td>.htaccess<\/code> \u89c4\u5219\u901a\u5e38\u5728URL\u89e3\u7801\u524d<\/strong>\u8fdb\u884c\u5339\u914d\u3002\u56e0\u6b64\uff0c\u5b83\u770b\u5230\u7684\u662f\u539f\u59cb\u5b57\u7b26\u4e32 1.ph%70hp<\/code>\uff0c\u4e0d\u4f1a\u5339\u914d \\.(php)<\/code>\u3002\u670d\u52a1\u5668\u89e3\u7801\u540e\uff0c\u8be5\u6587\u4ef6\u53ef\u80fd\u88ab\u6267\u884c\u4e3a 1.php<\/code>\u3002\u8fd9\u662f\u91cd\u5927\u7ed5\u8fc7\u98ce\u9669\u3002<\/strong><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
                \u5982\u4f55\u6784\u5efa\u9632\u5fa1\uff1f<\/h3>\n\n\n\n
                \u771f\u6b63\u7684\u5b89\u5168\u4e0d\u662f\u5835\u4e00\u4e2a\u6d1e\uff0c\u800c\u662f\u5efa\u7acb\u4e00\u5957\u65e0\u8bba\u653b\u51fb\u8005\u5982\u4f55\u53d8\u6362\u6587\u4ef6\u540d\uff0c\u90fd\u65e0\u6cd5\u5371\u5bb3\u7cfb\u7edf<\/strong>\u7684\u6d41\u7a0b\u3002\u8fd9\u9700\u8981\u8df3\u51fa .htaccess<\/code> \u7684\u8303\u7574\uff0c\u5efa\u7acb\u56db\u5c42\u4e3b\u52a8\u9632\u5fa1<\/p>\n\n\n\n
                \u7b2c\u4e00\u5c42\uff1a\u5e94\u7528\u5c42\u7edd\u5bf9\u63a7\u5236\uff08\u6cbb\u672c\u4e4b\u7b56\uff09<\/strong><\/h4>\n\n\n\n
                \u8fd9\u662f\u6211\u4eec\u4e4b\u524d\u8ba8\u8bba\u7684\u6838\u5fc3\u9632\u5fa1<\/strong>\uff0c\u5fc5\u987b\u5b9e\u65bd\u3002\u5728\u4f60\u7684 functions.php<\/code> \u4e2d\u6dfb\u52a0\u4ee3\u7801\uff0c\u5b9e\u73b0\uff1a<\/p>\n\n\n\n
                  \n
                1. \u7acb\u5373\u8f6c\u79fb\u5e76\u91cd\u547d\u540d<\/strong>\uff1a\u4e0a\u4f20\u540e\uff0c\u6587\u4ef6\u7acb\u523b<\/strong>\u88ab\u79fb\u51faWeb\u6839\u76ee\u5f55\uff08\u5982 \/home\/user\/private_<\/code>\uff09\u5e76\u91cd\u547d\u540d\u4e3a\u968f\u673a\u5b57\u7b26\u4e32\uff08\u5982 a1b2c3d4e5<\/code>\uff09\u3002\u653b\u51fb\u8005\u5373\u4f7f\u4e0a\u4f20\u6210\u529f\uff0c\u4e5f\u6c38\u8fdc\u4e0d\u77e5\u9053\u6587\u4ef6\u5728\u54ea\u3001\u53eb\u4ec0\u4e48\u3002<\/strong><\/li>\n\n\n\n
                2. \u9a8c\u8bc1\u6587\u4ef6\u201c\u9b54\u6570\u201d<\/strong>\uff1a\u7528PHP\u7684 finfo_file()<\/code> \u51fd\u6570\u8bfb\u53d6\u6587\u4ef6\u5934\u90e8\u5b57\u8282\u7b7e\u540d<\/strong>\uff08\u5982 FF D8 FF E0<\/code> \u4ee3\u8868JPEG\uff09\uff0c\u5224\u65ad\u771f\u5b9e\u7c7b\u578b\uff0c\u4e0e\u540e\u7f00\u540d\u4e25\u683c\u6bd4\u5bf9\u3002\u8fd9\u53ef\u4ee5\u9632\u5fa1\u6240\u6709\u6587\u4ef6\u540d\/\u7f16\u7801\u6b3a\u9a97\u3002<\/li>\n\n\n\n
                3. \u56fe\u7247\u6587\u4ef6\u201c\u518d\u7f16\u7801\u201d<\/strong>\uff1a\u5bf9\u5141\u8bb8\u7684\u56fe\u7247\uff0c\u7528GD\u5e93\u6216Imagick\u8fdb\u884c\u91cd\u65b0\u91c7\u6837\u3001\u538b\u7f29\u3001\u4fdd\u5b58<\/strong>\u3002\u8fd9\u4f1a\u5f7b\u5e95\u7834\u574f\u56fe\u7247\u4e2d\u9690\u85cf\u7684\u4efb\u4f55\u975e\u56fe\u50cf\u6570\u636e\uff08\u5982\u56fe\u7247\u9a6c\uff09\u3002<\/li>\n<\/ol>\n\n\n\n
                  \u7b2c\u4e8c\u5c42\uff1a\u670d\u52a1\u5668\u89e3\u6790\u5c42\u52a0\u56fa\uff08\u5f25\u8865\u6f0f\u6d1e\uff09<\/strong><\/h4>\n\n\n\n
                  \u5728\u7f51\u7ad9\u7684\u4e3b .htaccess<\/code><\/strong>\uff08\u4f4d\u4e8e\u7f51\u7ad9\u6839\u76ee\u5f55\uff09\u6216\u865a\u62df\u4e3b\u673a\u914d\u7f6e\u4e2d\uff0c\u6dfb\u52a0\u4ee5\u4e0b\u89c4\u5219\uff0c\u53ef\u4ee5\u9632\u5fa1\u4e00\u4e9b\u670d\u52a1\u5668\u89e3\u6790\u6f0f\u6d1e\uff1a<\/p>\n\n\n\n
                  # \u9632\u6b62\u5c06\u56fe\u7247\u6587\u4ef6\u5f53\u4f5cPHP\u89e3\u6790\uff08\u9632\u5fa1\u89e3\u6790\u6f0f\u6d1e\uff09\n<FilesMatch \"\\.(php|php5|phtml|pl|py|jsp|asp|cgi)$\">\n    # \u65e0\u6761\u4ef6\u62d2\u7edd\u8bbf\u95ee\u4efb\u4f55\u811a\u672c\u6587\u4ef6\n    Require all denied\n<\/FilesMatch>\n\n# \u7279\u522b\u9632\u5fa1\uff1a\u5373\u4f7f\u6709 .php \u540e\u7f00\u7684\u56fe\u7247\u4e5f\u62d2\u7edd\n<FilesMatch \"^.*\\.(php\\.(png|jpg|gif))$\">\n    Require all denied\n<\/FilesMatch><\/code><\/pre>\n\n\n\n
                  \u7b2c\u4e09\u5c42\uff1aWeb\u76ee\u5f55\u9694\u79bb<\/strong><\/h4>\n\n\n\n
                  \u4e3a wpcf7_uploads<\/code> \u76ee\u5f55\u8bbe\u7f6e\u7684 .htaccess<\/code> (Require all denied<\/code>) \u5fc5\u987b\u4fdd\u7559<\/strong>\u3002\u8fd9\u662f\u6700\u540e\u4e00\u9053\u7269\u7406\u5c4f\u969c\uff0c\u5373\u4f7f\u6709\u6587\u4ef6\u56e0\u672a\u77e5\u6f0f\u6d1e\u88ab\u653e\u5230\u4e86\u8fd9\u91cc\uff0c\u4e5f\u65e0\u6cd5\u76f4\u63a5\u8bbf\u95ee\u3002<\/p>\n\n\n\n
                  \u7b2c\u56db\u5c42\uff1a\u8fd0\u7ef4\u5c42\u9762\u9632\u62a4<\/strong><\/h4>\n\n\n\n
                    \n
                  1. \u4fdd\u6301\u6240\u6709\u8f6f\u4ef6\u66f4\u65b0<\/strong>\uff1aWordPress\u6838\u5fc3\u3001\u63d2\u4ef6\u3001\u4e3b\u9898\u3001PHP\u7248\u672c\u3001\u670d\u52a1\u5668\u7cfb\u7edf\u3002<\/li>\n\n\n\n
                  2. \u4f7f\u7528\u4e13\u4e1a\u5b89\u5168\u63d2\u4ef6<\/strong>\uff1a\u5982 Wordfence<\/strong>\uff0c\u5b83\u5177\u5907\u9632\u706b\u5899<\/strong>\u548c\u6587\u4ef6\u5b8c\u6574\u6027\u76d1\u63a7<\/strong>\u529f\u80fd\uff0c\u80fd\u4e3b\u52a8\u963b\u65ad\u53ef\u7591\u8bf7\u6c42\uff0c\u5e76\u5728\u6587\u4ef6\u88ab\u7be1\u6539\u65f6\u62a5\u8b66\u3002<\/li>\n\n\n\n
                  3. \u6700\u5c0f\u5316\u66b4\u9732<\/strong>\uff1a\u670d\u52a1\u5668\u9519\u8bef\u9875\u9762\u4e0d\u663e\u793a\u8def\u5f84\u4fe1\u606f\u3002<\/li>\n<\/ol>\n\n\n\n
                    Nginx\u7248\u672c<\/h2>\n\n\n\n
                    \u4ec0\u4e48\u4f60\u544a\u8bc9\u6211\u4f60\u7684\u914d\u7f6e\u5df2\u7ecf\u4fee\u6539\u5b8c\u4e86\uff0c\u4f46\u662f\u6d4b\u8bd5\u7684\u65f6\u5019\u5374\u6ca1\u6709\u8fd4\u56de\u6548\u679c\u2026..<\/p>\n\n\n\n
                    \u8fd9\u662f\u4e00\u4e2a\u975e\u5e38\u5173\u952e\u7684\u95ee\u9898\uff0c\u8bf4\u660e\u5b89\u5168\u5c4f\u969c\u6ca1\u6709\u751f\u6548\u3002403\u672a\u51fa\u73b0\uff0c\u901a\u5e38\u610f\u5473\u7740 .htaccess<\/code> \u6587\u4ef6\u672a\u88abApache\u670d\u52a1\u5668\u6b63\u786e\u8bfb\u53d6\u6216\u6267\u884c<\/strong>\u3002<\/p>\n\n\n\n
                    \"\"<\/div><\/figure>\n\n\n\n
                    \u7b2c\u4e00\u6b65\uff1a\u6700\u53ef\u80fd\u7684\u539f\u56e0\u2014\u2014\u6587\u4ef6\u653e\u9519\u4e86\u4f4d\u7f6e<\/h3>\n\n\n\n
                    .htaccess<\/code> \u7684\u89c4\u5219\u53ea\u5bf9\u5b83\u6240\u5728\u76ee\u5f55\u53ca\u5176\u5b50\u76ee\u5f55\u751f\u6548<\/strong>\u3002\u4f60\u5fc5\u987b\u5c06\u6587\u4ef6\u653e\u5728\u4f60\u60f3\u8981\u4fdd\u62a4\u7684\u90a3\u4e2a\u5177\u4f53\u6587\u4ef6\u5939<\/strong>\u91cc\u3002<\/p>\n\n\n\n
                      \n
                    1. \u8bf7\u518d\u6b21\u786e\u8ba4<\/strong>\uff1a\u4f60\u4fee\u6539\u7684\u662f\u54ea\u4e2a .htaccess<\/code> \u6587\u4ef6\uff1f\u4f60\u9700\u8981\u4fdd\u62a4\u7684\u662f wpcf7_uploads<\/code> \u76ee\u5f55\u3002<\/li>\n\n\n\n
                    2. \u6b63\u786e\u8def\u5f84<\/strong>\uff1a\u5305\u542b Require all denied<\/code> \u89c4\u5219\u7684 .htaccess<\/code> \u6587\u4ef6\uff0c\u5fc5\u987b\u4f4d\u4e8e\u4ee5\u4e0b\u8def\u5f84\uff1a
                      \/wp-content\/uploads\/wpcf7_uploads\/.htaccess<\/code>
                      \uff08\u8bf7\u6ce8\u610f\u6587\u4ef6\u540d\u4ee5\u70b9\u5f00\u5934\uff09<\/li>\n\n\n\n
                    3. \u68c0\u67e5\u65b9\u6cd5<\/strong>\uff1a\u7528FTP\u6216\u6587\u4ef6\u7ba1\u7406\u5668\uff0c\u5bfc\u822a\u5230\u8fd9\u4e2a\u76ee\u5f55\uff0c\u786e\u8ba4 .htaccess<\/code> \u6587\u4ef6\u5c31\u5728\u8fd9\u91cc<\/strong>\uff0c\u800c\u4e0d\u662f\u5728\u7f51\u7ad9\u6839\u76ee\u5f55\u6216\u5176\u4ed6\u5730\u65b9\u3002<\/li>\n<\/ol>\n\n\n\n
                       \u7b2c\u4e8c\u6b65\uff1a\u68c0\u67e5\u89c4\u5219\u672c\u8eab\u4e0e\u670d\u52a1\u5668\u73af\u5883<\/h3>\n\n\n\n
                        \n
                      1. \u89c4\u5219\u72ec\u7acb\u6027<\/strong>\uff1a\u786e\u4fdd\u4f60\u7684\u89c4\u5219\u6ca1\u6709\u9519\u8bef\u5730\u5d4c\u5957<\/strong>\u5728 <IfModule mod_rewrite.c><\/code> \u6216 # BEGIN WordPress<\/code> \u7b49\u4efb\u4f55\u5176\u4ed6\u6a21\u5757\u533a\u5757\u5185\u3002\u5728 wpcf7_uploads<\/code> \u76ee\u5f55\u4e0b\u7684 .htaccess<\/code>\uff0c\u5185\u5bb9\u5e94\u8be5\u53ea\u6709\u7eaf\u7cb9\u7684\u5b89\u5168\u89c4\u5219<\/strong>\uff0c\u4f8b\u5982\uff1aapache# \u65e0\u6761\u4ef6\u62d2\u7edd\u6240\u6709\u8bbf\u95ee Require all denied Options -Indexes\u4e0d\u8981<\/strong>\u5305\u542b RewriteEngine On<\/code> \u7b49WordPress\u91cd\u5199\u89c4\u5219\u3002<\/li>\n\n\n\n
                      2. \u6d4b\u8bd5 .htaccess<\/code> \u662f\u5426\u88ab\u8bfb\u53d6<\/strong>\uff1a\n