Minh Truong olkitu

## .htaccess
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# End WordPress
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

## nginx.conf
location = ~* /xmlrpc.php {
    deny all;
    access_log off;
    log_not_found off;
}
location = ~* /wp-config.php {
    deny all;
    log_not_found off;
}

## .htaccess
Options -Indexes
<files xmlrpc.php>
    order allow,deny
    deny from all
</files>
<files wp-config.php>
   order allow,deny
   deny from all
</files>
<files ~ "^.*\.([Hh][Tt][Aa])">

## php_haittakoodi_metsastys.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                olkitu
                / php_haittakoodi_metsastys.md
            
            
              Last active
              March 21, 2019 14:08
            
              
                PHP-haittaohjelman mestästyskoodi
              
          
    Tässä on yleinen ohje PHP haittakoodin metsästämiseen. Tätä voi käyttää eri sisällönhaittaohjelmistojen PHP-haittakoodin mestästämiseen.
Etsi eval()-funktiota

Etsi PHP-haittakoodiaeval() haitallisia koodeja. Eval-koodi usein kertoo että sivuston tiedostoissa on haitallista koodia. Kaikki eval()-funktiolla ei ole haitallista koodia kuten class-pclzip.php tiedostossa on ihan Wordpressin omaa koodia.
Lisää tiedostot mistä eval() funktio löytyy:
grep -lr --include=*.php -PHn "(eval\(.*\);)" .


## overrideconfig
[DPL:Common]
*ParamSrc = 4

[QIPCALL:EVS_1]
#Bandwidth, 0 = NB, 1 = WB, 2 = SWB, 3 = FB, 4 = NB-WB, 5 = NB-SWB, 6 = NB-FB
*Bandwidth = 5
# Bitrate: 127 = 5.9 - 24.4Kbps
*BitRate = 127
*ch_aw_recv = 0

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                olkitu
                / keybase.md
            
            
              Created
              November 28, 2018 20:55
            
          
    Keybase proof

I hereby claim:

I am olkitu on github.
I am olkitu (https://keybase.io/olkitu) on keybase.
I have a public key ASAizXrvQIXsIiBAWmys3_Z5gNewZlz_E35a7epRfhB1dAo

To claim this, I am signing this object:
	RewriteEngine On
	RewriteBase /
	RewriteRule ^index\.php$ - [L]
	RewriteCond %{REQUEST_FILENAME} !-f
	RewriteCond %{REQUEST_FILENAME} !-d
	RewriteRule . /index.php [L]
	# End WordPress
	RewriteCond %{HTTPS} off
	RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
	RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
	location = ~* /xmlrpc.php {
	deny all;
	access_log off;
	log_not_found off;
	}
	location = ~* /wp-config.php {
	deny all;
	log_not_found off;
	}
	Options -Indexes
	<files xmlrpc.php>
	order allow,deny
	deny from all
	</files>
	<files wp-config.php>
	order allow,deny
	deny from all
	</files>
	<files ~ "^.*\.([Hh][Tt][Aa])">
	[DPL:Common]
	*ParamSrc = 4

	[QIPCALL:EVS_1]
	#Bandwidth, 0 = NB, 1 = WB, 2 = SWB, 3 = FB, 4 = NB-WB, 5 = NB-SWB, 6 = NB-FB
	*Bandwidth = 5
	# Bitrate: 127 = 5.9 - 24.4Kbps
	*BitRate = 127
	*ch_aw_recv = 0