Major security breach of pagoda panel! Webmaster needs urgent security updates (with plan)

Yesterday (August 23, 2020), a major security vulnerability occurred in Pagoda Panel, one of the two well-known server environment tools in China!

Footnote: The two well-known server environment tools are 小piPanel (phpstudy) and Pagoda Panel (a rising star)

This update is an emergency security update. Users of Liunx version 7.4.2 and Windows version 6.8 must update to the latest version (other versions are not affected). To update, log in to the panel and click Update in the upper right corner of the homepage. Can.

Note: If the database is maliciously deleted, after upgrading the panel, if you do not understand the database recovery mechanism, please do not do other operations. It is recommended to shut down directly and then find a professional. Operation methods to assist in recovering data errors may reduce the probability of later data recovery. If you need assistance with data recovery, please contact official customer service.

Users of Linux version 7.4.2 and test version 7.5.14 are updated to the following versions

Pagoda linux test version 7.5.15 (security version)

Pagoda linux official version 7.4.3 (security version)

This update is an emergency security update. Users of 7.4.2 must update to the latest version

Update method :

Log in to the panel backend, click Update in the upper right corner, after the pop-up window, click Update Now

or use the upgrade script (Note: Prioritize Click Update directly on the home page of the panel. Only use this command if it fails, and it cannot be executed in the SSH terminal that comes with the panel):

curl https://download.bt.cn/install/update_panel.sh|bash

Offline upgrade steps:

1. Download offline upgrade Package: http://download.bt.cn/install/update/LinuxPanel-7.4.3.zip

2. Upload the upgrade package to the /root directory in the server

3. Unzip the file: unzip LinuxPanel-7.4.3.zip

4. Switch to the upgrade package directory: cd panel

5. Execute the upgrade script: bash update.sh

6 , Delete the upgrade package: cd .. && rm -f LinuxPanel-7.4.3.zip && rm -rf panel

Users of Windows version 6.8 update to the following version

Windows official version 6.9.0 (security version)

Update log:

1. Urgent correction of a security risk

This update is an emergency security update. Users of version 6.8 must update to the latest version.

The penalty for damaging a computer is extremely severe, do not try to take advantage of the law:

We have reported this security risk to the local public security bureau. Please do not teach others how to use or use these tools online. Destroying other people's servers, teaching, and operating are all violations of criminal law. Outside of the Internet, the country severely cracks down on the crime of destroying computer information systems, and the sentences are relatively severe. Don't try to break the law. Some users are also affected by this security risk. We will fully cooperate with users to secure evidence and cooperate with the public security organs in the next step of investigation. Affected users, or users who suspect they are affected, can contact us directly. We will send additional manpower to follow up on after-sales service in the near future. If your data is affected and you have no backup, you can contact us to try to restore it through the panel binary log.

The above is the detailed content of Major security breach of pagoda panel! Webmaster needs urgent security updates (with plan). For more information, please follow other related articles on the PHP Chinese website!