{"id":1008,"date":"2025-12-22T03:30:30","date_gmt":"2025-12-21T19:30:30","guid":{"rendered":"https:\/\/lalaland.wlzy.online\/?p=1008"},"modified":"2025-12-24T08:43:46","modified_gmt":"2025-12-24T00:43:46","slug":"wordpress%e6%9c%80%e5%b0%8f%e8%bf%81%e7%a7%bb-docker%e9%83%a8%e7%bd%b2","status":"publish","type":"post","link":"https:\/\/lalaland.wlzy.online\/?p=1008","title":{"rendered":"WordPress minimal migration, Docker deployment and security recommendations"},"content":{"rendered":"\n<p>A while ago this site was hacked: code redirecting to gambling sites was injected into the PHP files under the site directory, and my cloud provider's support staff phoned me demanding that I fix it right away... I had planned to just delete the malicious code and be done with it, but once I looked I got a shock: the site was thoroughly infected, with malicious scripts and code planted everywhere.<\/p>\n\n\n\n<p>So I had no choice but to migrate to new Docker containers. I ran into quite a few problems during deployment, though, so I figured I should write them up in a post.<\/p>\n\n\n\n<p>So how do you migrate WordPress? I'd say forget about the migration plugins. First, security: if you are migrating because you were hacked, as I was, you should keep only the bare minimum of site content, that is, user and post data. Plugins and themes have very likely already been injected with malicious code, so the only option is to set up the new site first and then install themes and plugins by hand. Second, cost: damn it, these migration plugins all behave the same way: free at first, then most of the features get moved behind a paywall. No payment, no worry-free migration. Truly rotten!<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-medium-font-size\">Which files does a minimal WordPress migration involve?<\/h2>\n\n\n\n<p>For the minimal migration most recommended officially, only three things need to be kept:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The data in the database: holds user information, post content, site settings and so on<\/li>\n\n\n\n<li>The wp-content\/uploads directory: mainly holds the images used in posts<\/li>\n\n\n\n<li>The wp-config.php configuration file<\/li>\n<\/ul>\n\n\n\n<p>The first two are obviously easy to tamper with, but wp-config.php should not be fully trusted either: rewrite it yourself, or at the very least check carefully that nothing has been slipped into it.<\/p>\n\n\n\n<p class=\"has-medium-font-size\">1. 
<strong>Export the database contents, using MySQL as an example:<\/strong><\/p>\n\n\n\n<p>First export the database by running this against the old DB:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>mysqldump -u&lt;user&gt; -h&lt;host&gt; --port &lt;port&gt; -p&lt;password&gt; --single-transaction &lt;db_name&gt; &gt; wordpress.sql<\/code><\/pre>\n\n\n\n<p class=\"has-medium-font-size\">2. <strong>Create the new Docker containers (WordPress and MySQL)<\/strong>:<\/p>\n\n\n\n<p>Here docker-compose.yml creates WordPress and MySQL on the same network, which also makes communication between them slightly faster.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>version: \"3.8\"\n\nservices:\n  mysql:\n    image: mysql:8.0\n    container_name: wordpress_mysql\n    restart: unless-stopped\n    ports:\n      - \"127.0.0.1:&lt;port&gt;:3306\"  # binding to 127.0.0.1 is recommended: unreachable from outside, which is safer\n    environment:\n      MYSQL_ROOT_PASSWORD: &lt;root_password&gt;\n      MYSQL_DATABASE: wordpressdb\n      MYSQL_USER: wordpress\n      MYSQL_PASSWORD: &lt;password&gt;\n    volumes:\n      - &lt;host machine path&gt;:\/var\/lib\/mysql\n    networks:\n      - wp_net\n\n  wordpress:\n    image: wordpress:6.9-php8.3-apache\n    container_name: wordpress_server\n    restart: unless-stopped\n    depends_on:\n      - mysql\n    ports:\n      - \"&lt;port&gt;:80\"\n    environment:\n      WORDPRESS_DB_HOST: wordpress_mysql:3306\n      WORDPRESS_DB_NAME: wordpressdb\n      WORDPRESS_DB_USER: wordpress\n      WORDPRESS_DB_PASSWORD: &lt;password&gt;\n    volumes:\n      - &lt;host machine path&gt;:\/var\/www\/html\n    networks:\n      - wp_net\n\nnetworks:\n  wp_net:\n    driver: 
bridge<\/code><\/pre>\n\n\n\n<p>Then run the following command to start the containers:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>docker compose up -d<\/code><\/pre>\n\n\n\n<p>Once they are up, connect to the new MySQL server and import the data exported earlier:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>SOURCE \/path_To_SQL_File\/wordpress.sql<\/code><\/pre>\n\n\n\n<p class=\"has-medium-font-size\"><strong>3. The wp-config.php configuration file:<\/strong><\/p>\n\n\n\n<p>For a brand-new wp-config.php, after filling in your own database settings you only need to add the content below, but first check whether these entries already exist in the file.<\/p>\n\n\n\n<pre class=\"wp-block-code\" style=\"border-style:none;border-width:0px\"><code>\/\/ If WordPress and Apache run in a container and HTTPS is set up through a proxy such as nginx on the host, the following is required\nif (isset($_SERVER&#91;'HTTP_X_FORWARDED_PROTO']) &amp;&amp; strpos($_SERVER&#91;'HTTP_X_FORWARDED_PROTO'], 'https') !== false) {\n\t$_SERVER&#91;'HTTPS'] = 'on';\n}\n\n\/\/ The next two lines disable editing PHP files from the admin backend, to keep attackers out\ndefine('DISALLOW_FILE_EDIT', true);   \/\/ do not allow editing PHP in the backend\ndefine('DISALLOW_FILE_MODS', false);  \/\/ allow install\/update\/delete of plugins and themes\n\n\/\/ 
The next two lines enable automatic updates, but only for minor versions; major versions are not updated automatically. If wp-admin and wp-includes have already been locked down with permissions, however, these lines have no effect and the update will fail.\ndefine('AUTOMATIC_UPDATER_DISABLED', false); \/\/ allow auto update\ndefine('WP_AUTO_UPDATE_CORE', 'minor'); \/\/ but only minor versions\n\n\/\/ The next line lets WordPress install plugins and themes without FTP\ndefine('FS_METHOD', 'direct'); \/\/ to avoid FTP requirement on the webpage\n\n\/\/ The next few lines enable debugging; once enabled, messages show up in the browser console and in some log files\n\/\/define('WP_DEBUG', true);\n\/\/define('WP_DEBUG_LOG', true);\n\/\/define('WP_DEBUG_DISPLAY', true);\n\/\/@ini_set('display_errors', 1);\n\n\n\/* That's all, stop editing! Happy publishing. *\/<\/code><\/pre>\n\n\n\n<p class=\"has-medium-font-size\"><strong>4. Copy the wp-content\/uploads directory<\/strong><\/p>\n\n\n\n<p>Next, copy the uploads directory from the old site to the new one. Before copying, I strongly recommend running the command below inside the uploads directory to check for malicious scripts. This is the entry point for 90% of attacks.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>find .\/ -type f ! -iname \"*.jpg\" ! 
-iname \"*.png\"<\/code><\/pre>\n\n\n\n<p>In principle this directory should contain only image files; anything else is suspect and should be deleted.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-medium-font-size\">Host proxy setup<\/h2>\n\n\n\n<p>With the above in place, the site can be opened over HTTP on the container's port. To set up a domain name and HTTPS, however, nginx or a similar proxy also has to be configured on the host.<\/p>\n\n\n\n<p>Here is my Nginx configuration, for reference only:<\/p>\n\n\n\n<p>\/etc\/nginx\/nginx.conf<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>http {\n\n    upstream tempWordpress {\n        server 127.0.0.1:&lt;your container port&gt;;\n    }\n    ......<\/code><\/pre>\n\n\n\n<p>\/etc\/nginx\/sites-enable\/wordpress<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>server {\n\n    listen 443 ssl http2;\n    server_name &lt;your domain name&gt;;\n\n    ssl_certificate &lt;your certificate&gt;;\n    ssl_certificate_key &lt;your certificate key&gt;;\n\n    # Security: do not allow any script under uploads\/, languages\/ or cache\/ to run\n    location ~* ^\/wp-content\/(uploads|languages|cache)\/.*\\.(php|phtml|phar|pl|py|cgi|sh)$ {\n        deny all;\n    }\n\n    location \/ {\n        proxy_pass http:\/\/tempWordpress\/;   # the upstream name you wrote in nginx.conf\n        proxy_set_header Host $host;\n        proxy_set_header X-Real-IP $remote_addr;\n        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n\n        proxy_set_header X-Forwarded-Proto https;\n        proxy_set_header X-Forwarded-Port 443;\n        
proxy_redirect off;\n\n    }\n\n\n    proxy_set_header Host $host;\n    proxy_set_header X-Real-IP $remote_addr;\n    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n    gzip on;\n    gzip_min_length 5k;\n    gzip_buffers 4 16k;\n    gzip_http_version 1.1;\n    gzip_comp_level 3;\n    gzip_types text\/plain application\/json application\/javascript text\/css application\/xml text\/javascript image\/jpeg image\/gif image\/png;\n    gzip_vary on;\n}\n\nserver {\n    listen 80;\n    server_name &lt;your domain name&gt;;\n    return 301 https:\/\/$host$request_uri;\n}<\/code><\/pre>\n\n\n\n<p>At this point, if all went well, you can reach the site over HTTPS at the domain name you configured.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size\">Security recommendations &#8211; database<\/h2>\n\n\n\n<p>The database may well have had malicious scripts injected or rogue users created; the following queries can be used to screen for that:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>-- Search for malicious scripts:\n-- script\nSELECT option_name FROM wp_options\nWHERE option_value LIKE '%&lt;script%';\n-- base64\nSELECT option_name FROM wp_options\nWHERE option_value LIKE '%base64_decode%';\n-- eval\nSELECT option_name FROM wp_options\nWHERE option_value LIKE '%eval(%';\n\n-- Search posts for hidden links:\nSELECT ID, post_title\nFROM wp_posts\nWHERE post_content LIKE '%display:none%'\n   OR post_content LIKE '%visibility:hidden%';\n\n-- Search for suspicious external link domains:\nSELECT ID, post_title\nFROM wp_posts\nWHERE post_content LIKE '%http%'\n  AND post_content NOT LIKE '%&lt;your domain&gt;%';\n\n-- 
Check active_plugins for plugins you do not recognize <strong>(high risk)<\/strong>:\nSELECT option_value\nFROM wp_options\nWHERE option_name = 'active_plugins';\n\n-- Check for users you do not recognize, especially administrators <strong>(high risk)<\/strong>:\nSELECT ID, user_login, user_email\nFROM wp_users;\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size\">Security recommendations &#8211; permissions and updates (important)<\/h2>\n\n\n\n<p>To stay as resistant to attack as possible while keeping the site usable, the principle is: whenever a target does not need to be written to, lock it down with permissions. The targets here are mainly the WordPress core, themes and plugins.<\/p>\n\n\n\n<p>These are the permissions the relevant directories should normally keep:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>wp-admin\troot:www-data\t755   \/\/ core; switch to www-data:www-data only temporarily while updating WordPress\nwp-includes\troot:www-data\t755   \/\/ core; switch to www-data:www-data only temporarily while updating WordPress\nwp-content\/uploads\twww-data:www-data   755 \/\/ used for image uploads; these permissions can stay permanently\nwp-content\/cache\twww-data:www-data   755 \/\/ some plugins need a cache; these permissions can stay permanently\nwp-content\/languages\troot:www-data\t775 \/\/ 
these permissions can stay permanently, so that language packs can auto-update\nwp-content\/upgrade\troot:www-data\t755 \/\/ switch to www-data:www-data only temporarily while updating WordPress\nwp-content\/plugins\troot:www-data\t755 \/\/ switch to www-data:www-data only temporarily when plugins need to be changed\nwp-content\/themes\troot:www-data\t755 \/\/ switch to www-data:www-data only temporarily when themes need to be changed\nwp-content\/index.php\troot:www-data\t644 \/\/ these permissions can stay permanently<\/code><\/pre>\n\n\n\n<p>Everything not listed above can be locked down: owned by root:www-data, directories 755, files 644.<\/p>\n\n\n\n<p>As these permissions make clear, the directories most at risk in day-to-day operation are uploads, cache and languages, so Nginx on the host can be configured to deny access to scripts there. The full Nginx configuration was shown earlier, but it bears repeating here:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>    location ~* ^\/wp-content\/(uploads|languages|cache)\/.*\\.(php|phtml|phar|pl|py|cgi|sh)$ {\n        deny all;\n    }<\/code><\/pre>\n\n\n\n<p>For convenience I wrote the following scripts to switch between permission modes (WordPress update mode \/ plugin and theme update mode \/ everyday strict mode). <strong>To keep attackers from running them, I recommend setting the three scripts below to root:root + 
700<\/strong><\/p>\n\n\n\n<p>wp_update_mode.sh :<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>#!\/bin\/bash\n# stop if the web root is missing, so chown -R never runs in the wrong directory\ncd \/var\/www\/html || exit 1\n\nchown -R www-data:www-data wp-admin\nchown -R www-data:www-data wp-includes\nchown -R www-data:www-data wp-content\/upgrade\n\necho 'in wp update mode'<\/code><\/pre>\n\n\n\n<p>plugin_theme_update_mode.sh :<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>#!\/bin\/bash\n# stop if the web root is missing, so chown -R never runs in the wrong directory\ncd \/var\/www\/html || exit 1\n\nchown -R www-data:www-data wp-content\/plugins\nchown -R www-data:www-data wp-content\/themes\n\necho \"in plugin\/theme update mode\"<\/code><\/pre>\n\n\n\n<p>strict_mode.sh  :<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>#!\/bin\/bash\n\n# stop if the web root is missing, so chown -R never runs in the wrong directory\ncd \/var\/www\/html || exit 1\n\n# core directories\nchown -R root:www-data wp-admin\nchmod 755 wp-admin\n\nchown -R root:www-data wp-includes\nchmod 755 wp-includes\n\n# uploads, cache, language packs and index.php keep their usual permissions\nchown -R www-data:www-data wp-content\/uploads\nchmod 755 wp-content\/uploads\n\nchown -R www-data:www-data wp-content\/cache\nchmod 755 wp-content\/cache\n\nchown -R root:www-data wp-content\/languages\nchmod 775 wp-content\/languages\n\nchown -R root:www-data wp-content\/index.php\nchmod 644 wp-content\/index.php\n\n# plugins and themes stay root:www-data\nchown -R root:www-data wp-content\/plugins\nchmod 755 wp-content\/plugins\n\nchown -R root:www-data wp-content\/themes\nchmod 755 wp-content\/themes\n\n# upgrade stays root:www-data\nchown -R root:www-data wp-content\/upgrade\nchmod 755 wp-content\/upgrade\n\necho \"in strict mode\"<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading 
has-medium-font-size\">In addition, some debugging notes<\/h2>\n\n\n\n<p>Because a minimal migration does not carry over plugins and themes, if the original site used a non-default theme you may get a blank white page, with no errors shown in either the browser console or on the server. In that case do not visit the bare domain; try the domain followed by \/wp-admin\/install.php or \/wp-admin\/login.php.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A while ago this site was hacked: code redirecting to gambling sites was injected into the PHP files under the site directory, and my cloud provider's support staff phoned me demanding that I fix it right away&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[3,1],"tags":[],"class_list":["post-1008","post","type-post","status-publish","format-standard","hentry","category-linux-tech","category-tech"],"_links":{"self":[{"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=\/wp\/v2\/posts\/1008","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=\/wp\/v2\/types\/post"}]
,"author":[{"embeddable":true,"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1008"}],"version-history":[{"count":90,"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=\/wp\/v2\/posts\/1008\/revisions"}],"predecessor-version":[{"id":1108,"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=\/wp\/v2\/posts\/1008\/revisions\/1108"}],"wp:attachment":[{"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1008"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1008"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lalaland.wlzy.online\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}