1: Recently, hackers used fsockopen to carry out PHPDDOS attacks after exploiting program vulnerability injection, causing instability on some servers. Now the dangerous function fsockopen is temporarily disabled. Some program functions may have problems. The following lists the known problems and general solutions:
General solution:
Find the fsockopen function in the program and replace it with: pfsockopen to solve all problems. The difference between the two functions is that pfsockopen remains keep-alive, making it impossible for hackers to carry out connection number attacks.
The path of the program file that uses the fsockopen function is known (add p before fsockopen, that is, change fsockopen to pfsockopen)
Two: The server has disabled fsockopen and pfsockopen at the same time, then use other functions instead, such as stream_socket_client(). Note: The parameters of stream_socket_client() and fsockopen() are different.
Specific operations:
Search the string fsockopen( in the program and replace it with stream_socket_client(. Then, delete the port parameter "80" in the original fsockopen function and add it to $host.
An example is as follows
Before modification:
$fp = fsockopen($host, 80, $errno, $errstr, 30);
After modification:
$fp = stream_socket_client($host."80", $errno, $errstr, 30);
List of files in the website system of domestic mainstream PHP websites involving the fsockopen function:
List of files in the website system of domestic mainstream PHP websites involving the fsockopen function:
DEDECMS:
sourcefunctionfunction_core.php This file has 2 fsockopen and the other is pfsockopen, please pay attention to the distinction
uc_clientclient.php This file has 2 fsockopen and the other is pfsockopen, please pay attention to the distinction
uc_clientlibsendmail.inc.php
This file uc_clientmodelmisc.php has 2 fsockopens and the other is pfsockopen. Please pay attention to the distinction
This file uc_serverinstallfunc.inc.php has 2 fsockopens and the other is pfsockopen. Please pay attention to the distinction
uc_serverlibsendmail.inc.php
The file uc_servermodelmisc.php has 2 fsockopens and the other is pfsockopen. Please pay attention to the distinction
Discuz! 2.5:
sourcefunctionfunction_core.php This file has 2 fsockopen and the other is pfsockopen, please pay attention to the distinction
uc_clientclient.php This file has 2 fsockopen and the other is pfsockopen, please pay attention to the distinction
uc_clientlibsendmail.inc.php
This file uc_clientmodelmisc.php has 2 fsockopens and the other is pfsockopen. Please pay attention to the distinction
This file uc_serverinstallfunc.inc.php has 2 fsockopens and the other is pfsockopen. Please pay attention to the distinction
uc_serverlibsendmail.inc.php
The file uc_servermodelmisc.php has 2 fsockopens and the other is pfsockopen. Please pay attention to the distinction
ecms (Empire):
eclassclass.smtp.php
ECSHOP:
adminindex.php
demoincludeslib_updater.php
includescls_smtp.php
includescls_transport.php
includeslib_base.php
includesmodulespaymentpaypal.php
shopex:
coreapiincludeapi_utility.php
coreapitools1.0api_b2b_1_0_tools.php
corefunc_ext.php
corelibnusoap.php
corelibuc_clientclient.php
instalsvinfo.php
pluginspassportpassport.ucenter.php
pluginspaymentpay.nochek.php
pluginspay.paypal.php
pluginspay.paypal.server.php
pluginspay.paypal_cn.php
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
