PHP/Java to encrypt website addresses-fundamentally solve connection piracy

Source: Internet
Author: User

Website anti-image and other content leeching methods are diverse, the most common method is to identify the access source through HTTP access header information. Readers of TCP/IP contacts know that because HTTP header information is processed at the application layer of the OSI model, fake HTTP header information is fabricated and sent to the server, no special technologies or tools are required.
In the following example, we use the wget command to simulate the firefox2 browser for HTTP basic authentication. According to its access, the HTTP server cannot tell whether it is an HTTP request sent by Firefox or wget, And the access source is also spoofed.

Wget -- http-user = login id -- http-Password = login password -- no-Cache -- Referer = access source/n <br/> -- User-Agent = "User-Agent: mozilla/5.0 (windows; U; Windows NT 5.1; ja; RV: 1.8.1.14) Gecko/20080404 Firefox/2.0.0.14"

Preventing leeching through HTTP header information is a typical anti-bot attack.

Network-oriented web content is open. In most cases, leeching is not required. If you want to restrict certain content to users of a specific group, you can use CGI to authenticate users. Such as SNS, forums, and web mailboxes. The access source is only part of the access log, used to collect user activity information, and is not necessary for system operation.

To sum up, due to the reasons of the HTTP Communication Protocol itself, in the method of preventing leeching, determining the header information cannot truly implement anti-leech protection. To prevent leeching, you can only use the following two methods:
1. Perform User Authentication through CGI to prevent access to the target content by irrelevant personnel:
Although this method cannot prevent access members from "leeching", it is very effective to prevent leeching of irrelevant personnel.
2. dynamically change the access path:
This method is very direct to prevent leeching, that is, the address obtained by leeching is invalid. This address is only valid for the first user. The following describes how to encrypt the original link address.

This document describes how to encrypt a link address by using XOR.AlgorithmThe simple common key encryption.
There are two common encryption methods in computer technology: public key encryption (such as SSL) and public key encryption (also called secret key encryption, such as AES and browfish. Public key encryption is the key shared by the encryption and decryption parties for encryption and decryption. The disadvantage is that once the key is lost, all encryption processing will be decommissioned, and the encrypted content can be obtained by anyone with the key. The public key encryption method can solve this problem. However, the link address encryption process described in this article is all carried out within the server and does not involve leaking the encryption key, encryption keys change irregularly with different accesses, and there is no problem of leaking decoding keys. Therefore, a simpler common key encryption method will be used.
The link address encryption principle is as follows:
1. When a new session is created, a common encryption key is generated in the number of session conflicts.
2. When the image shows the connection, the Server CGI automatically encrypts such as the content address and the Content ID in the database to generate the encrypted link address.
3. Access the encrypted link address. The server extracts the encryption key from the session, decrypts the encrypted content, and returns the request content.

Why is XOR algorithm used:
For example, for some image websites, if the URL is encrypted and complicated encryption algorithms are used, it will inevitably increase the burden on the server.
Considering the performance, I use the XOR algorithm. Although this algorithm is easy to crack, the encryption key remains secure for a short time.
Encryption Using the Java and PHP languages is as follows:CodeFor your reference.

 

Java code:

Import Java. io. unsupportedencodingexception; <br/> Import java.net. urldecoder; <br/> Import java.net. urlencoder; <br/> public class xortest {</P> <p> Public static void main (string [] ARGs) throws unsupportedencodingexception {<br/> // string value = "meat, vegetables, and fruits"; <br/> // string key = "Vegetables and Fruits "; <br/> string value = "http://blog.csdn.net/froole/archive/2009/05/13/4176111.aspx"; <br/> string key = "key"; </P> <P> // pre-encryption output <br/> Print ("pre-encryption", value ); <br/> // encryption processing <br/> byte [] byteencodearray = encode (value. getbytes (), key); <br/> value = new string (byteencodearray ); </P> <p> // encrypted output <br/> Print ("encrypted", value ); </P> <p> // URL conversion <br/> string encode = urlencoder. encode (value, "UTF-8"); <br/> Print ("Convert URL", encode); <br/> string dencode = urldecoder. decode (encode, "UTF-8"); <br/> Print ("reply from URL", dencode); <br /> Value = dencode; </P> <p> // decrypt <br/> byte [] bytedecodearray = decode (value. getbytes (), key); <br/> value = new string (bytedecodearray ); </P> <p> // output after decryption <br/> Print ("decrypted", value ); <br/>}</P> <p>/** <br/> * encryption <br/> * @ Param SRC <br/> * @ Param key <br /> * @ return <br/> */<br/> Private Static byte [] encode (byte [] SRC, string key) {<br/> byte [] bytekeyarray = new byte [0]; <br/> byte [] byteencarr Ay = new byte [SRC. length]; </P> <p> // process the converted encryption key cyclically <br/> while (bytekeyarray. length <SRC. length) {<br/> bytekeyarray = (new string (bytekeyarray) + key ). getbytes (); <br/>}</P> <p> // conversion <br/> for (INT I = 0; I <SRC. length; I ++) {<br/> byteencarray [I] = (byte) (SRC [I] ^ bytekeyarray [I]); <br/>}< br/> return byteencarray; <br/>}</P> <p>/** <br/> * decrypt <br/> * @ Param SRC <br/> * @ Param key <br/> * @ RET Urn <br/> */<br/> Private Static byte [] Decode (byte [] SRC, string key) {<br/> return encode (SRC, key ); <br/>}</P> <p>/** <br/> * convert to hexadecimal text <br/> * @ Param value <br/> *@ return <br/> */<br/> Private Static string getdump16 (byte [] value) {</P> <p> stringbuffer Buf = new stringbuffer (); </P> <p> for (INT I = 0; I <value. length; I ++) {<br/> string hex = integer. tohexstring (INT) value [I] & 255); </P> <P> // Add the first four digits <br/> hex = "0000" + hex; <br/> hex = hex. substring (hex. length ()-4, Hex. length (); </P> <p> // Add blank lines and change lines for every 10 digits (blank area switch and 10 character box switch) <br/> Buf. append (hex + (I % 10 = 9? System. getproperty ("line. separator "):" "); <br/>}< br/> return Buf. tostring (). trim (); <br/>}</P> <p> Private Static void print (String title, string value) {<br/> system. out. println ("[" + title + "]"); <br/> system. out. println ("-----------------------------"); <br/> system. out. println (value); <br/> system. out. println (getdump16 (value. getbytes (); <br/> system. out. println (); <br/> system. out. println (); <br/>}< br/>}

 

PHP code:

// XOR encrypt/descript <br/> function xor_encrypt ($ plain, $ key) {<br/> $ seed = str_repeat ($ key, strlen ($ plain )); <br/> return bin2hex ($ plain ^ $ seed); <br/>}< br/> function xor_decrypt ($ ENC, $ key) {<br/> $ seed = str_repeat ($ key, strlen ($ ENC); <br/> return pack ("H *", $ ENC) ^ $ seed; <br/>}< br/> // test code <br/> $ key = 'V'; <br/> $ ENC = xor_encrypt ("http://blog.csdn.net/froole/archive/2009/05/13/4176111.aspx ", $ key); <br/> echo "ENC :[". $ ENC. "]/n"; <br/> echo "org :[". xor_decrypt ($ ENC, $ key ). "]/n ";

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.