我的主机提供商向我发送了一封电子邮件,其中显示我的应用程序存在一些恶意软件,我应该修复它们。该电子邮件还包含以下列表:
{YARA}r57shell_php_php : /home/virtfs/username/usr/ local/apache.ea3/conf/modsec2. user.conf.rpmsave
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/servina_db/qmx72_ rsfirewall_signatures.MYI
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/servina_db/qmx72_ rsfirewall_signatures.MYD
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/carmane0_arman/ar_ redirection_404.MYD
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/carmane0_arman/ar_ redirection_404.MYI
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/ofoghdat_rez/iev7c_ rsfirewall_signatures.MYD
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/ofoghdat_rez/iev7c_ rsfirewall_signatures.MYI
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/jammashi_db/i6bm7_ rsfirewall_signatures.ibd
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/iimenlo2_saeed/ln8qc_ rsfirewall_signatures.MYD
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/iimenlo2_saeed/ln8qc_ rsfirewall_signatures.MYI
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/packagin_db3/l2p08_ rsfirewall_signatures.MYI
{YARA}eval_post : /home/virtfs/username/var/lib/ mysql/packagin_db3/l2p08_ rsfirewall_logs.MYD
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/packagin_db3/l2p08_ rsfirewall_signatures.MYD
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/ofoghdat_db/rnghu_ rsfirewall_signatures.ibd
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/ofoghdat_ge/iev7c_ rsfirewall_signatures.MYD
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/ofoghdat_ge/iev7c_ rsfirewall_signatures.MYI
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/iturkey1_testsh/vnjca_ rsfirewall_patterns.MYD
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/iturkey1_testsh/vnjca_ rsfirewall_patterns.MYI
{YARA}r57shell_php_php : /home/virtfs/username/var/lib/ mysql/lemoda_lmag/flsdc_ rsfirewall_signatures.ibd
我的应用程序使用了 php,它包含一些简单的 SELECT
和 UPDATE
。
我不知道这些是什么以及如何修复它们。
任何帮助将不胜感激。
谢谢。
最佳答案
这可能是误报。
{YARA}r57shell_php_php
是 Maldet 在不确定时用来猜测恶意软件的模式匹配文件。
告诉您的托管提供商,一旦您目视扫描文件,这可能是误报。
关于php - 如何解决 r57shell_php_php 警告?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44646017/