因近期网站总被上传恶意PHP文件,检查网站时发现如下,

是之前在用的.htaccess文件的代码,莫名出现了一个网站,不知道是否是被利用的上传漏洞,请教高手



# Rewrite 系统规则请勿修改

rewritecond %{http_host} ^0532sns.com [nc]

rewriterule ^(.*)$ http://www.0532sns.com/$1 [L,R=301]

RewriteCond %{QUERY_STRING} ^(.*)$

RewriteRule ^topic-(.+)\.html$ portal.php?mod=topic&topic=$1&%1

RewriteCond %{QUERY_STRING} ^(.*)$

RewriteRule ^article-([0-9]+)-([0-9]+)\.html$ portal.php?mod=view&aid=$1&page=$2&%1

RewriteCond %{QUERY_STRING} ^(.*)$

RewriteRule ^forum-(\w+)-([0-9]+)\.html$ forum.php?mod=forumdisplay&fid=$1&page=$2&%1

RewriteCond %{QUERY_STRING} ^(.*)$

RewriteRule ^thread-([0-9]+)-([0-9]+)-([0-9]+)\.html$ forum.php?mod=viewthread&tid=$1&extra=page\%3D$3&page=$2&%1

RewriteCond %{QUERY_STRING} ^(.*)$

RewriteRule ^group-([0-9]+)-([0-9]+)\.html$ forum.php?mod=group&fid=$1&page=$2&%1

RewriteCond %{QUERY_STRING} ^(.*)$

RewriteRule ^space-(username|uid)-(.+)\.html$ home.php?mod=space&$1=$2&%1

RewriteCond %{QUERY_STRING} ^(.*)$

RewriteRule ^blog-([0-9]+)-([0-9]+)\.html$ home.php?mod=space&uid=$1&do=blog&id=$2&%1

RewriteCond %{QUERY_STRING} ^(.*)$

RewriteRule ^archiver/(fid|tid)-([0-9]+)\.html$ archiver/index.php?action=$1&value=$2&%1