Last update at :2024-06-17,Edit by888u
Snail yesterday helped several netizens solve several WDCP panel security issues when sharing "Check WDCP panel management security vulnerabilities and upgrade WDCP security patches" problem. Some systems were reinstalled, and some I manually cleared the stored key files and found that one of them was not completely resolved. I received a VPS suspension notification from the VPS service provider this morning, prompting that WDCP had signs of external contracting and needed to be dealt with in a timely manner. It seems that the recent security issues regarding WDCP are still there. More serious. Here are some commonly used points to solve basic problems when using WDCP or other panels.
Article Directory Hide
Prevent the occurrence of WDCP panel security issues
Thoroughly check and resolve WDCP panel security vulnerabilities
Prevent the occurrence of WDCP panel security issues
First, install the latest version and upgrade in time
No matter which VPS management panel we use, we need to use the latest version. This is similar to how we use website CMS, especially when security patches are available, they should be updated in a timely manner to ensure that they are not exploited.
Second, delete the default file
For users who want to batch check whether to use the WDCP panel, they are used to view the default files with the title "LANMP One-click Installation Package - Lamp\\". These are in the default directory where we have successfully installed them and need to be deleted.
This makes it easy to find out which WDCP panel we are using.
Third, modify the WDCP port
The default WDCP installation login panel is IP:8080 port. We need to change it to a random port so that the login address cannot be seen.
Fourth, back up data regularly
Back up data regularly. Ordinary users may not damage the operation of the website environment, but some may directly damage it, so we need to back up data in a timely manner. Make sure you can recover it even if it is lost.
Thoroughly inspect and resolve WDCP panel security vulnerabilities
Security issues are quite annoying and definitely need to be solved. Here Snail provides solutions and you can choose to use them according to your own needs and actual situation.
First, upgrade to the latest version
You can refer to the following command to upgrade to the latest version
wget http://down.wdlinux.cn/down/wdcp_v2.5.tar.gztar zxvf wdcp_v2.5.tar.gz -C /
Second, check the database and suspicious files
If we find that the original management account cannot be entered when we log in to the WDCP panel, it means that there is a problem with our security, at least someone has entered. We need to check whether the administrator account has multiple accounts, and whether there are redundant database users and website files. Judging from the several problems solved by Snail, they are basically used to escalate privilege keys. According to the method provided by netizen Peter, you need to check whether there are files in the ROOT root directory that can be viewed. Whether the keys in the SSH directory have been added. .
Third, reinstall the system to restore website data
For example, the one that Snail solved yesterday seems to have not been completely handled. If we have the conditions, we will try our best to reinstall the VPS environment and then move the website there again. Of course, you need to modify the security settings according to the previous section.
In short, it seems that there are still many security issues with WDCP this time. I hope the WDCP official will pay attention to it and continue to improve it, because this panel has not changed for a long time, but some cloud service providers’ forums and recommended installations have This panel is recommended, and it can be said that there are still many users.
Recommended site searches: local IP query, same IP site query, Hong Kong vps, Chinese domain name corporate email, virtual host evaluation, Korean high-defense server, website virtual host space, vps dynamic IP Server, Wanwang registered domain name,
发表评论