Due to frequent attacks, it’s really annoying. After changing domain names and servers several times, I’ve summarized the following security vulnerabilities to share this disgusting behavior. The hacker “@M..(name withheld)” deletes the database every time and then demands 300. They mainly exploit ThinkPHP vulnerabilities, scan for IPs, and use the exploit: generate 1.php in the root directory, upload a trojan. ******** Solutions and fixes: Block hacker IP, prevent server IP exposure, ban IP from accessing the website, ban all search engines from accessing any part of the website:

User-agent: *

Disallow: / Change website name to any English name, ban random registration, fix vulnerable files, change admin login address.