How to effectively prevent others from wearing the homepage snapshot of the website

Recently, we suddenly found that our official website had been invaded , It is found that the homepage code of the website has been modified , Changed snapshot content ！ Our program belongs to dedecms Secondary development program template ！ Officially authorized ！

After being invaded, I checked the contents of the snapshot and got the following picture

Through a large number of inspections, it was found that the website was used a long time ago. In a word, Trojans have invaded the website and uploaded some malicious files .

One of the PHP File management permission is very, very large , So they can pass this php File modify any file of the website .

At present, it is found that behind this kind of Trojan horse, there are many programs in dream weaving , As long as they invade your website, they will implant this kind of back door .

According to the difficulties we have encountered and the experience we have solved , We have summarized some solutions for you on gezhan network .

1、 If there is no secondary development , Everyone delete all the core files of the website , Keep templates and styles and pictures , Cover official procedure documents , It can quickly clean up the implanted Trojan files .

2、 Check the picture template or style template , Whether the upload directory has PHP file , adopt .htaccess Let these directories not be executed php file

The code is as follows

<IfModule mod_rewrite.c>
  <FilesMatch "\.php$">
    Deny from all
  </FilesMatch> 
</IfModule>

 3、 That's through D Shield some anti-virus software to check and kill in large quantities , It is possible that some of their Trojan horse code is embedded in the picture .

4、 That is, everyone close it eval function , In this way, others can't implant the Trojan horse into our program ！

5、 You can search in the program $password= Look at those files with this open to see if it is a Trojan horse file , If it is deleted .！