开源代码的最大弱点可能就是源码大家都能研究。这个好像也是最大的优点。双刃剑
http://localhost/blog/wp-includes/registration-functions.php
页面出现
Fatal error: Call to undefined function _deprecated_file() in /Users/yuexiaosheng/WEB/php/blog/wp-includes/registration-functions.php on line 8
在出问题的php文件里
1.加@
@_deprecated_file( basename(__FILE__), '2.1', null, __( 'This file no longer needs to be included.' ) );
2.加访问控制
if(!defined('WP_USE_THEMES'))
{
exit('Access Denied By java-er.com');
}
其他能够暴路径的地址
http://localhost/blog/wp-content/plugins/akismet/akismet.php
http://localhost/blog/wp-content/plugins/hello.php
以下三个最新版本似乎已经修复。
http://localhost/blog/wp-content/themes/default/404.php
http://localhost/blog/wp-content/themes/default/index.php
http://localhost/blog/wp-content/themes/default/header.php
http://localhost/blog/wp-content/themes/default/footer.php
不过一旦知道博客所采用的模板,将default换成模板名字就出来了。
http://localhost/blog/wp-content/themes/模板/404.php
footer.php
没有什么好办法,只能发现的就来改改。
以上为月小升亲自测试出来的路径,如果你见过更多,留言一下,帮助大家!