Temporary mitigation on Linux: temporarily disable ImageMagick through its policy configuration file.
Edit /etc/ImageMagick/policy.xml and add the following lines between <policymap> and </policymap>:
<policy domain="coder" rights="none" pattern="EPHEMERAL" />
<policy domain="coder" rights="none" pattern="URL" />
<policy domain="coder" rights="none" pattern="HTTPS" />
<policy domain="coder" rights="none" pattern="MVG" />
<policy domain="coder" rights="none" pattern="MSL" />
Permanent fix: upgrade to version 7.0.1-1. The versions currently not affected are ImageMagick 7.0.1-1 and 6.9.3-10. If you use LNMP, see the upgrade guide here: http://www.vpser.net/security/imagemagick-cve-2016-3714.html
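To confirm that the five coder entries listed above are really in effect, the following added example (not part of the original post) audits the text of a policy.xml. The function name and both sample policies are constructed for illustration, and glob matching via fnmatch is an approximation of ImageMagick's own pattern matching.

```python
import fnmatch
import xml.etree.ElementTree as ET

# Coders the mitigation above says to disable.
REQUIRED = ["EPHEMERAL", "URL", "HTTPS", "MVG", "MSL"]

# Constructed sample: HTTPS is missing, and MSL is denied but granted again.
SAMPLE_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="coder" rights="none" pattern="EPHEMERAL" />
  <policy domain="coder" rights="none" pattern="URL" />
  <policy domain="coder" rights="none" pattern="MVG" />
  <policy domain="coder" rights="none" pattern="MSL" />
  <policy domain="coder" rights="read|write" pattern="MSL" />
</policymap>"""

# Constructed sample: typographic quotes left behind by copy-paste from a web page.
CURLY_POLICY = ("<policymap><policy domain=\u201dcoder\u201d "
                "rights=\u201dnone\u201d pattern=\u201dMVG\u201d /></policymap>")


def unblocked_coders(xml_text, required=REQUIRED):
    """Return the coders in `required` that the policy does not reliably deny."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # A file that does not parse cannot be assumed to apply any entry.
        raise ValueError(f"policy.xml is not well-formed XML: {exc}") from exc

    denied, granted = set(), set()
    for policy in root.iter("policy"):
        if policy.get("domain", "").lower() != "coder":
            continue
        pattern = policy.get("pattern", "").upper()
        rights = policy.get("rights", "").strip().lower()
        for coder in required:
            # Assumption: fnmatch-style globbing stands in for ImageMagick's matcher.
            if fnmatch.fnmatchcase(coder, pattern):
                (denied if rights == "none" else granted).add(coder)
    # Conservative: any matching entry that grants rights counts as unblocked,
    # whatever its position in the file.
    return [c for c in required if c not in denied or c in granted]


if __name__ == "__main__":
    print("not blocked:", unblocked_coders(SAMPLE_POLICY))
    try:
        unblocked_coders(CURLY_POLICY)
    except ValueError as err:
        print("rejected:", err)
```

Pass it the contents of /etc/ImageMagick/policy.xml; an empty list means all five coders are denied.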
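SaBlog-X here refers to SaBlog-X 2.0.
Because the server was switched from Nginx to Apache, the rewrite rules for the blog software SaBlog-X have to change as well. Create a .htaccess file in the program's root directory and put the following content in it: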
# BEGIN Sablog-X
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [S=18]
# Archives by date
RewriteRule ^date/([0-9]{6})/([0-9]{1,2})/page/([0-9]+)?/?$ index.php?action=article&setdate=$1&setday=$2&page=$3 [QSA,L]
RewriteRule ^date/([0-9]{6})/([0-9]{1,2})/?$ index.php?action=article&setdate=$1&setday=$2 [QSA,L]
RewriteRule ^date/([0-9]{6})/page/([0-9]+)?/?$ index.php?action=article&setdate=$1&page=$2 [QSA,L]
RewriteRule ^date/([0-9]{6})/?$ index.php?action=article&setdate=$1 [QSA,L]
# Paging without a category
RewriteRule ^page/([0-9]+)?/?$ index.php?action=article&page=$1 [QSA,L]
# Categories
RewriteRule ^category/([0-9]+)/?([0-9]+)?/?$ index.php?action=article&cid=$1&page=$2 [QSA,L]
RewriteRule ^category/([^/]+)/?([0-9]+)?/?$ index.php?action=article&curl=$1&page=$2 [QSA,L]
# Archives, advanced search
RewriteRule ^(archives|list|article|links)/?$ index.php?action=$1 [QSA,L]
# All comments, tag list, with pagination
RewriteRule ^(comments|tagslist|article)/?([0-9]+)?/?$ index.php?action=$1&page=$2 [QSA,L]
# Search results
RewriteRule ^search/([0-9]+)/?([0-9]+)?/?$ index.php?action=article&searchid=$1&page=$2 [QSA,L]
# tags
RewriteRule ^tag/([^/]+)/?([0-9]+)?/?$ index.php?action=article&tag=$1&page=$2 [QSA,L]
# Articles
RewriteRule ^archives/([0-9]+)/?([0-9]+)?/?$ index.php?action=show&id=$1&page=$2 [QSA,L]
# RSS
RewriteRule ^rss/([0-9]+)?/?$ rss.php?cid=$1 [QSA,L]
RewriteRule ^rss/([^/]+)/?$ rss.php?url=$1 [QSA,L]
# Users
RewriteRule ^uid/([0-9]+)/?([0-9]+)?/?$ index.php?action=article&uid=$1&page=$2 [QSA,L]
RewriteRule ^user/([^/]+)/?([0-9]+)?/?$ index.php?action=article&user=$1&page=$2 [QSA,L]
# Sitemap file
RewriteRule sitemap.xml sitemap.php [QSA,L]
# Custom links
RewriteRule ^([^/]+)/?([0-9]+)?/?$ index.php?action=show&alias=$1&page=$2 [QSA,L]
</IfModule>
# END Sablog-X