The Road to AWDP

Last updated: 25 days ago

php

apache:

At the start of the round, scan every PHP file under the web directory and add them to a whitelist in .htaccess.

#!/bin/bash

# Target directory
directory="/var/www/html"
whitelist_file="whitelist.txt"
htaccess_file="$directory/.htaccess"

# Check that the directory exists
if [ -d "$directory" ]; then
    echo "扫描目录: $directory,生成白名单和.htaccess文件"

    # Find all PHP files and save them to the whitelist file
    find "$directory" -type f -name "*.php" > "$whitelist_file"

    # Start writing .htaccess: deny every PHP file by default
    # (Order/Deny/Allow needs mod_access_compat on Apache 2.4)
    echo "# 限制不在白名单中的PHP文件的访问" > "$htaccess_file"
    echo "<FilesMatch \".*\.php$\">" >> "$htaccess_file"
    echo "    Order Deny,Allow" >> "$htaccess_file"
    echo "    Deny from all" >> "$htaccess_file"
    echo "</FilesMatch>" >> "$htaccess_file"

    # Allow the whitelisted PHP files. <Files> matches the file name only,
    # never a path, so write one section per distinct base name; a file with
    # a whitelisted name is then allowed in every subdirectory.
    sed 's|.*/||' "$whitelist_file" | sort -u | while IFS= read -r file_name; do
        echo "<Files \"${file_name}\">" >> "$htaccess_file"
        echo "    Order Allow,Deny" >> "$htaccess_file"
        echo "    Allow from all" >> "$htaccess_file"
        echo "</Files>" >> "$htaccess_file"
    done

    echo ".htaccess文件已生成,并配置了白名单访问规则。"
else
    echo "目录不存在: $directory"
fi
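
To spot PHP files that appear in the web root after the whitelist was built, the whitelist.txt baseline can be compared with the current file list. This is an added example, not part of the original post; the function names and the script file name are hypothetical, and it assumes whitelist.txt was produced by the same find call on the same directory path.

```shell
#!/bin/bash
# Added example (not from the original post): detect drift between the live
# web root and the whitelist.txt baseline written by find in the script above.

# PHP files that exist on disk but are absent from the baseline.
new_php_files() {
    local directory="$1" whitelist_file="$2"
    [ -r "$whitelist_file" ] || return 2
    # -F fixed strings, -x whole line, -v keep lines NOT in the baseline
    find "$directory" -type f -name "*.php" \
        | grep -Fxv -f "$whitelist_file" | sort
}

# Baseline entries that are no longer on disk.
missing_php_files() {
    local whitelist_file="$1" php_file
    [ -r "$whitelist_file" ] || return 2
    while IFS= read -r php_file; do
        [ -f "$php_file" ] || printf '%s\n' "$php_file"
    done < "$whitelist_file"
}

# Print a report; return 0 when clean, 1 on drift, 2 on error.
check_whitelist() {
    local new missing
    new="$(new_php_files "$1" "$2")" || return 2
    missing="$(missing_php_files "$2")" || return 2
    [ -z "$new" ] || printf '%s\n' "$new" | sed 's/^/NEW     /'
    [ -z "$missing" ] || printf '%s\n' "$missing" | sed 's/^/MISSING /'
    [ -z "$new$missing" ]
}

# Usage (hypothetical file name): ./check_whitelist.sh /var/www/html whitelist.txt
if [ "$#" -eq 2 ]; then
    check_whitelist "$1" "$2"
fi
```

The exit status makes it usable in a loop or cron job during the round: a non-zero status means the file set no longer matches the baseline.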

Find the upload directory and add an .htaccess that only allows image files to be read

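# Allow image files
<FilesMatch "\.(jpg|jpeg|png|gif)$">
    Order Allow,Deny
    Allow from all
</FilesMatch>

# Deny script and text files. gif is not listed here: a later section
# overrides an earlier one, so listing it would block GIF images again.
<FilesMatch "\.(php|html|htm|txt)$">
    Order Deny,Allow
    Deny from all
</FilesMatch>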

nginx:

jsp

asp