Last update at :2024-06-17,Edit by888u
Today when Snail was cleaning up the expired Linode purchase account, he accidentally saw that the total traffic was only about 80%. According to the average user, it is impossible to consume such a large amount of traffic if building a website. There must be some users among them. It is a large amount of data consumption, either used by me for a special purpose, or the VPS is being used by others. So I clicked on the VPS of one of the netizens and saw that 2500GB of traffic had been consumed in November (only 5 days). There must be something wrong with this account. This user told me that it was impossible for his website to consume more than a dozen IPs a day.
So I logged into the VPS and saw that there were many unknown files in the ROOT directory. It seemed that this friend did not deal with the problem thoroughly. The website environment of this machine uses the WDCP panel. There is an additional TEST username in the panel management account, and the original ADMIN username and password are incorrectly logged in. Check the logs and you can see traces of modifications.
You can see that it was actually settled on 11.1. Then I reset my password first, and then deleted the TEST username in the system. Within a few minutes, this friend changed my password again. login password, and uploaded the files he needed in the ROOT directory. In short, if we use the panel, it is actually very convenient to check the log IP every day. If it is not our IP, then we need to check the problem.
It may be caused by the fact that many users did not upgrade the WDCP panel after exploiting the security vulnerability announced by WDCP before September 26. After we log in to the WDCP panel, we can see that there are new version upgrades that require prompts.
How to upgrade the WDCP panel to the latest version
A – WDCP panel background upgrade
This method is directly in the background of the WDCP panel. We can see the \\"Upgrade\\" connection in the picture above. Snail found that not all old versions of WDCP have this connection. I also wonder why, because There is a customer's machine that needs to be upgraded and I can't find it at all. If not, it doesn’t matter, we can use the following method.
B – SSH command to upgrade the latest package
wget http://down.wdlinux.cn/down/wdcp_v2.5.tar.gztar zxvf wdcp_v2.5.tar.gz -C /
Enter the above command directly and press Enter to replace and install the latest files.
Then we refresh the panel to see if it has the latest environment package.
This will at least ensure that the WDCP panel is the latest version. If there are users using WDCP panels, please check and upgrade immediately. If you find abnormal traffic after the upgrade, you have no choice but to redo the system.
Recommended site search: registration-free virtual space, pw domain name Zhengzhou server, registration and cancellation, US multi-ip station group vps, how to cancel domain name registration, Chinese international domain name, cloud server rental, free space, US domain name website ,
发表评论