diff --git a/src/main/java/com/cym/controller/adminPage/ConfController.java b/src/main/java/com/cym/controller/adminPage/ConfController.java
index 8effd16a71d14e37d384797901f04093aa5ac9db..110af581ccce6a98cf61d322fa4a32411c89dfba 100644
--- a/src/main/java/com/cym/controller/adminPage/ConfController.java
+++ b/src/main/java/com/cym/controller/adminPage/ConfController.java
@@ -320,6 +320,16 @@ public class ConfController extends BaseController {
 
 		try {
 			String rs = "";
+			// 过滤特殊字符，防止命令拼接
+			cmd = cmd.replaceAll(";","\\\\;");
+     		cmd = cmd.replaceAll("`","\\\\`");
+     		cmd = cmd.replaceAll("\\|","\\\\|");
+     		cmd = cmd.replaceAll("\\{","\\\\{");
+     		cmd = cmd.replaceAll("\\}","\\\\}");
+			//仅执行nginx相关的命令，而不是其他的恶意命令
+			if(!cmd.contains("nginx")){
+            	cmd = "nginx restart";
+        	}
 			if (SystemTool.isWindows()) {
 				RuntimeUtil.exec("cmd /c start " + cmd);
 			} else {