: This article mainly introduces the security of php websites. if you are interested in PHP tutorials, please refer to it. I. common PHP website security vulnerabilities
There are currently five common PHP vulnerabilities. Session file vulnerabilities, SQL injection vulnerabilities, script command execution vulnerabilities, global variables vulnerabilities, and file vulnerabilities. These vulnerabilities are briefly described here.
1. session file vulnerability
Session attacks are one of the most common attack methods for hackers. When a user accesses a website, the Session and Cookie are set for PHP to allow the user to access and access the website easily.
2. SQL Injection Vulnerability
During website development, programmers lack comprehensive judgment on user input/output data or lax filtering, which leads to server execution of malicious information, such as user information query. Hackers can obtain relevant information based on the results returned by malicious programs. This is the SQL Injection Vulnerability in yuanxiao.
3. script execution vulnerability
The common cause of the script execution vulnerability is that the programmer rarely filters URL parameters submitted by users during Website Development. the URLs submitted by users may contain malicious code and cause cross-site scripting attacks. Script execution vulnerabilities often exist on previous PHP websites. However, with the upgrade of the PHP version, these questions have been reduced or do not exist.
4. global variable vulnerability
Variables in PHP do not need to be declared in advance when they are used as in other development languages. variables in PHP can be directly used without being declared and automatically created when used, the system automatically determines the variable type based on the context. This method can greatly reduce the probability of errors in programming, which is very convenient to use.
5. file vulnerabilities
File vulnerabilities are usually caused by the lack of adequate filtering of external data when website developers design websites. as a result, hackers exploit these vulnerabilities to execute relevant commands on the Web process. Assume that. php contains the following code: include ($ B. "/aaa. php ".), for hackers, the variable $ B can be used to launch remote attacks. it can be the hacker's own code to launch attacks on the website. You can submit a. php include = http: // lz7.0.0.0.1/B. php to the server, and then execute the B. php command.
II. prevention measures for common PHP vulnerabilities
1. Session vulnerability prevention
According to the previous analysis, Session hijacking is the most common attack type, that is, the hacker obtains the user's Session ID through various attack methods, then, use the identity of the attacked user to log on to the corresponding website. To prevent this, you can use the following methods: First, change the Session ID periodically. you can use the PHP built-in function to change the Session ID. second, you can change the Session name, in general, the default Session name is PHPSESSID. this variable is generally saved in cookies. if you change the name, you can block some hacker attacks; the third is to close the transparent Session ID. The so-called transparent means that Sessioin id is transmitted by link when the http request does not use cookies to specify the Session id. to disable transparent Session ID, you can operate PHP. the INI file is implemented. The fourth is to pass the hidden parameters through the URL. This ensures that even if the hacker obtains the session data, the related parameters are hidden, it is also difficult to obtain the Session ID variable value.
2. Prevention of SQL injection vulnerabilities
There are many ways for hackers to inject SQL statements, which are flexible and changeable. However, the common cause of SQL injection is to use input filtering to leak holes. Therefore, to fundamentally prevent SQL injection, the fundamental solution is to strengthen the filtering of request commands, especially query request commands. Specifically, it includes the following: first, filter statements are parameterized, that is, user information input is achieved through parameterized statements rather than directly embedding user input into statements. Second, use as few explanatory programs as possible during Website Development. hackers often execute illegal commands using such hand segments. third, avoid website bugs as much as possible during website development, otherwise, hackers may exploit this information to attack the website. it is not enough to defend against SQL injection alone. In addition, they often use professional vulnerability scanning tools to scan the website for vulnerabilities.
3. script execution vulnerability prevention
Attackers can exploit the scripting vulnerability to launch attacks in a variety of ways, which are flexible and changeable. Therefore, they must adopt a variety of preventive methods, in order to effectively prevent hackers from attacking the script execution vulnerability. The following methods are commonly used. First, set the path of the executable file in advance. It can be implemented through safe_moade_exec_dir. The second is to process command parameters, which are generally implemented using the escapeshellarg function. The third is to use the built-in function library to replace external commands; fourth, the use of external commands may be reduced during operations.
4. global variable vulnerability prevention
For the global variable vulnerability in PHP, this problem exists in the previous PHP version. However, after the PHP version is upgraded to 5.5. set ruquest_order to GPC. In addition, in the php. ini configuration file, you can set the boolean value of magic_quotes_runtime to determine whether to add a backslash to the overflow character in the externally appealing data. To ensure that the website program runs in any setting status on the server. You can use get_magic_quotes_runtime to check the status of the entire program to determine whether to manually process the program, or use set_magic_quotes_runtime (0) to disable it at the beginning (or when automatic escape is not required.
5. file vulnerability prevention
For PHP file leakage, you can set and configure the server for defense purposes. The specific operation here is as follows: first, disable the error prompt in the PHP code, so that hackers can avoid getting the database information and the physical path of the webpage file through the error prompt; second, do your best to set open_basedir, that is, disable file operations outside the directory. This protects local files and remote files from attacks, pay attention to the prevention of attacks on Session files and uploaded files. The third is to set safe-made to the enabled state to standardize the commands to be executed and prohibit file upload, it can effectively improve the security factor of PHP websites. Reprinted with the source: common security vulnerabilities of PHP websites and summary of corresponding preventive measures
Https://www.php1.cn/Content/PHP_WangZhanChangJianAnQuanLouDongJiXiangYingFangFanCuoShiZongJie.html
The above introduces the php website security issues, including the content, and hope to be helpful to friends who are interested in PHP tutorials.
