phpStudy official: Clarification on the incident of backdoor being implanted in phpstudy

Hello everyone, I am Brother Zhu, the developer of phpStudy.

phpStudy is developed and maintained in my spare time. Regarding the phpStudy backdoor incident, I would like to clarify this incident. As early as December 2018, the Hangzhou Public Security Bureau had already investigated and collected evidence on us:

It has been proven that it has nothing to do with the phpStudy official website. As long as you download it from the official website (www.xp.cn), there will be no problem.

The other best proof is that we continue to maintain and update the software, which proves that the incident has nothing to do with us, otherwise we would have been in jail.

The picture below is an article published by the Hangzhou Public Security Bureau that has proven phpStudy’s innocence (pictured below).

phpStudy has provided free and easy-to-use software to millions of PHP developers in China over the past 12 years. We have been doing charity and we don’t ask for anything. In return, please ask other media not to smear us. The Hangzhou Public Security Bureau’s official announcement about this incident has made it very clear.

In addition, after the Internet police came to investigate and collect evidence in 2018, we tried to contact major download sites but did not receive any reply. Here we implore and condemn those webmasters of download sites, please do a good job of security check when uploading software, do not submit software arbitrarily and then include it, and please be responsible for the safe downloading of netizens.

phpStudy itself is also a victim of this incident. As an individual software developer, I was personally very hurt when encountering such a thing. I once wanted to give up upgrading the software, if not for the group members. There are people encouraging us every day, but we have given up updating. phpStudy will continue to provide updates and upgrades to everyone in the coming days. Please rest assured that we will not give up on phpStudy.

In addition, I would like to inform everyone in advance that the phpStudy linux web docker panel will be online after the National Day holiday. Free as always.

The other tampered software version is the php5.4 version in the phpStudy 2016 version. If you downloaded this version from other download sites, please check and delete the php5.4 version.

Follow-up addition:

After this incident, our team attached great importance to it and immediately released the phpstudy software MD5 code and phpstudy security auto-service on the official website. Check the fix.

Related links:

1. phpstudy software MD5 code (please compare carefully after downloading to prevent the file from being tampered with)
2. phpstudy security Self-check repair program (old users who have already installed it, please check it yourself)
3. phpstudy security issue settings summary (2019)

Published by phpStudy official website Any software provided by phpStudy is fully legal and compliant. The official website of phpStudy actively cooperated with the Hangzhou Public Security Bureau in the investigation and evidence collection in this incident.

Finally, we would like to thank the Hangzhou Public Security Bureau for cracking down on criminals and maintaining the network security of netizens. We will actively cooperate with relevant government departments and effectively implement network security management responsibilities.

phpStudy’s public welfare spirit is to provide the best software for the majority of developers to operate and maintain. Please help us clarify and forward this article.

The above is the detailed content of phpStudy official: Clarification on the incident of backdoor being implanted in phpstudy. For more information, please follow other related articles on the PHP Chinese website!