欧美不卡视频中文字幕

Join VIP [check in and send gold coins]
Dream weaving worry free, heart to do source code! 7 years of brand, trustworthy! Dream weaving without worry, each fine product, rather than excessive! Purchase no less than 3000 yuan per month, free source sharing, open early, enjoy early! Temporary promotion for lifelong members, only 498 yuan! The new member opens, enters the member center directly -- the purchase member -- opens directly.

About Linux panel 7.4.2 and windows panel 6.8 emergency security update

Abstract: This update is an emergency security update. Please update to the latest version (other versions will not be affected) for users of version 7.4.2 and version 6.8 of Windows version. Log in to the panel and click Update in the upper right corner of the home page. If the update fails, please try to repair the panel or contact customer service. If you need assistance, please contact QQ: 1249648969 for update / panel problem

This update is an emergency security update. Users of version 7.4.2 and version 6.8 of windows must update to the latest version (other versions will not be affected). The update method can be logged into the panel, and click Update in the upper right corner of the home page. If the update fails, please try to repair the panel or contact customer service


Please contact QQ: 1249648969 for assistance
Update / panel questions contact QQ: 3007255431
eight hundred million one hundred and seventy-six thousand five hundred and fifty-six
Database recovery problem contact QQ: 627622230, 750755014,517496165, 940950943,
two billion eight hundred and thirty-nine million nine hundred and eighty-three thousand and one hundred
Comprehensive questions contact QQ: two billion three hundred and twenty million five hundred and forty-seven thousand eight hundred and eighty
Be sure to describe the problem clearly. If there are too many people, please wait a moment. We will deal with it as soon as possible.


Note: if the database is maliciously deleted, after the upgrade panel, If you do not understand the database recovery mechanism, please do not do other operations
It is recommended to shut down the computer directly, and then seek professional assistance to recover the data,
Wrong operation method may reduce the probability of data recovery in the later stage. If you need assistance in data recovery, please contact customer service


Users of Linux version 7.4.2 and test version 7.5.14 update to the following version

Pagoda linux test version 7.5.15 (Security version)

Pagoda Linux official version 7.4.3 (Security version)

This update is an emergency security update. Users of 7.4.2 must update to the latest version

?

Update method:

Log in to the background of the panel, click Update in the upper right corner, and click Update immediately after the pop-up window

?


Or use the upgrade script (Note: priority is given to directly click the update on the front page of the panel, and this command can only be used in case of failure, and cannot be executed in the SSH terminal of the panel)

  1. curl http://download.bt.cn/install/update_panel.sh |bash

Copy code

?

Offline upgrade steps:
1. Download offline upgrade package: http://download.bt.cn/install/update/LinuxPanel-7.4.3.zip

2. Upload the upgrade package to the / root directory on the server

3. Unzip linuxpanel-7.4.3 zip

4. Switch to upgrade package directory: CD panel

5. Execute upgrade script: bash update sh

6. Remove upgrade package: CD&& rm -f LinuxPanel-7.4.3. zip && rm -rf panel

?

Users of Windows version 6.8 update to the following version

Windows official version 6.9.0 (Security version)

?


Update log:
1. Emergency correction of a security risk



The sentence for destroying computer is very strict. Don't try the law by example

We have reported this safety risk to the local public security bureau, Do not teach others how to use them on the Internet and use these tools to destroy other people's servers

Teaching and operation have violated the criminal law,
Where the Internet is illegal,
The state is cracking down on the crime of destroying the computer information system, and the sentences are all relatively heavy. Do not try the law by example.

Some users are affected by this security risk. We will fully cooperate with users to fix evidence and cooperate with the public security organs in the next step of investigation.

Users who are affected or who suspect that they are affected can In order to contact us directly, we will send more staff to follow up the after-sales service in the near future.

Those who have data impact and have no backup can contact us to try to recover through the panel binary log.


Pagoda panel PMA Security risk events

Cause:

In order to solve the security problem caused by the authorization of user server through phpMyAdmin,
We added phpMyAdmin security access module in Linux panel 7.4.2/windows panel version 6.8.0,
The principle is to access phpMyAdmin through the panel instead of nginx / Apache,
However, due to a fatal logic vulnerability in directory storage, nginx / Apache can also access the phpMyAdmin directory specially used for the panel,
When we do security audit, we focus on the panel program and ignore the possibility of being accessed outside the panel

Affected machines:
need At the same time All of the following conditions
1. The software version is Linux panel 7.4.2 or windows panel 6.8.0
2. Open 888 and do not configure HTTP authentication,
3. Installed phpMyAdmin, MySQL database

Unaffected machines:
only If one of them needs to be satisfied, it will not be affected
1. Port 888 is not opened,
2. Strict security authentication is made for 888 port,
3. PhpMyAdmin is not installed,
4. Mysql database is not installed
5. Panel version is not Linux panel 7.4.2/windows panel 6.8.0

Security update time and content:
Time: around 16:50 on August 23, 2020
1. Remove the phpMyAdmin security module
2. Delete phpMyAdmin legacy files
3. Remove directory interpretation from fastcgi client module

The latest security version is:
Linux panel 7.4.3 / windows panel 6.9.0

Other measures except emergency repair patch:
1. The first time through SMS, public number, official website, QQ group and other channels to inform users of the upgrade
2. The vulnerability detection function is added to the cloud software installation script. When users install software through the cloud, they will try to repair the vulnerability after detection
3. Try to destroy the exploitation chain through the vulnerability itself (try to delete config.inc.php through phpMyAdmin's own vulnerability, only some windows valid / Linux versions fail) 2020-8-23 22:00 ~ 2020-8-24 4:00
4. Through the vulnerability itself, try to destroy the utilization chain (force to change the database root password). This method is effective for some servers. Affected by the phpMyAdmin version and user configuration, the execution time is: 2020-8-24 8:00 ~ 2020-8-24 9:40
5. Many IDC manufacturers, such as Alibaba cloud, Tencent cloud and so on, have issued an urgent update warning and taken measures to limit ports to prevent vulnerabilities from being exploited

next step:
At the first time when the vulnerability is found, personnel have been arranged to work overtime to update and repair, increase the server bandwidth, make use of all available publicity channels to update and remind, at the same time, arrange operation and maintenance and customer service personnel to answer all matters online, assist the affected users in solving problems, and temporarily call development to assist users in solving the problem of shortage of manpower, At present, all efforts have been made to minimize the impact of this safety risk, and the internal rectification and treatment items will be updated after this step is completed.

Here, on behalf of our company, I apologize for the trouble caused to you by this security risk. I accept all the criticisms, and we will seriously review and reflect on this incident.


Link to this article: http://b5y7hj.cn//gonggao/181687.html

Copyright notice: Our resources are from the Internet or member release, if you infringe on your rights and interests, please contact us, we will delete within 24 hours! thank you!

 QR code of public number

Wechat public account

//Auto push

欧美不卡视频中文字幕_我和闺蜜共做一个男人_正撅着她肥白的大屁股

http://52.b5y7hj.cn http://00.b5y7hj.cn http://40.b5y7hj.cn http://90.b5y7hj.cn http://26.b5y7hj.cn http://10.b5y7hj.cn http://45.b5y7hj.cn http://14.b5y7hj.cn http://10.b5y7hj.cn http://05.b5y7hj.cn http://86.b5y7hj.cn