how to prevent phishing attacks

Php implementation code to prevent ddos, dns, and cluster attacks /** * Prevents ddos, dns, cluster, and other attacks * Edit bbs.it-home.org */ // Query the forbidden IP address $ Ip = $ _ SERVER ['remote _ ADDR ']; $ Fileht = ". htaccess2 "; If (! File_exists ($ fileht )) File_put_contents

'] = $ ll_times; $ _ SESSION ['ll _ lasttime '] = $ ll_lasttime; } If ($ ll_nowtime-$ ll_lasttime) = 5 ){ Header (sprintf ("Location: % s", 'HTTP: // www.bkjia.com ')); Exit; } } Else { $ Ll_times = 0; $ _ SESSION ['ll _ lasttime'] = $ ll_nowtime; $ _ SESSION ['ll _ times '] = $ ll_times; } Main function: in 5 seconds continuously refresh the page more than 10 times will point to the local http://www.bkjia.com, note, here 5 and 10 there is the local address, you can modify the settings accordi

the session. This is the legendary CSRF attack.Don't underestimate CSRF. Remember that L-Blog had a CSRF Vulnerability (I didn't know this concept yet.Read: p), it adds the Administrator is such a link: http: // localhost/L-Blog/admincp. asp?Action = member type = editmem memID = 2 memType = SupAdmin.The administrator can access this URL. The Google CSRF vulnerability [1] will cause email leakage.In addition, do not think that only XSS can generate worms. as long as the conditions are approp

dictionary database is large enough and is consistent with people's setting habits, the power is amazing. So now there is an MD5 hash string query website on the Internet, claiming to use a 4 TB hard disk to store 457.4 billion MD5 records, can crack the 83% password of the online forum. So how can we prevent this dictionary attack and the MD5 hash string query attack on the Internet. I found the answer in the book "application Cryptography. Salt is

The netsh command under win7 can effectively prevent ARP attacks in the LAN.The following is how to use it:1. Right-click the cmd. EXE command in windows \ system32 on Windows 7 7 and run it as an administrator;Let's take a look at the ARP table status.ARP-Interface: 192.168.1.1 00-19-e0-e0-76-ca dynamic192.168.1.100 00-1f-c6-31-8a-4b dynamic192.168.1.255 FF-FF static224.0.0.22 01-00-5e-00-00-16 static224.0

First, on the server-side configuration Security, PHP code writing is on the one hand, PHP configuration is very critical. Our PHP hand-installed, PHP default profile in/usr/local/apache2/conf/php.ini, our main is to configure the content of PHP.ini, let us execute PHP can be more secure. Security settings throughout PHP are primarily designed to prevent Phpshell and SQL injection attacks, and we'll explo

it. 3. Do not nest background pages orCode If the front-end page is nested in the background, attackers can directly use tools to know which files are stored in the background, and background files may be exposed to attackers, leaving attackers with a chance. 4. Add verification code to each page After Attackers know the background page, they can directly write the access path in the address and cannot enter The above are some summaries I have made in combination with our system. In our sy

! Npptools. after changing the properties of the dll file to read-only and hidden, remove their everyone permissions. The virus cannot be replaced or used, and arp won't work, to prevent ARP attacks. If drive C is in the NTFS partition format, all permissions are removed. If drive C is in the FAT format, read-only access is required. Method 2 gateway binding method 1. After a remote connection is successful

log on to the site's backend management system. Why? Because 123456 of the MD5 hash is too common, this is the reality of many Java Web sites, in terms of site security and weak passwords simply do not bear to look directly.Well, now we should understand that the reason for SQL injection is because the incoming parameters and the system's SQL splicing into a legitimate SQL, and its essence is the user input data as code execution. In the system as long as there is a SQL injection point is disco

bound, such as ftp, then add the record. Note: 192.168.1.1 here is your gateway address, 00: 07: E9: xx is your gateway mac address. Note: The MAC address formats on Linux and Widows are different. Linux: AA, Windows: AA-AA. Note: You need to re-bind the mac address after each machine restart. You can write an automatic script and add it to the self-starting project. In addition, binding mac addresses requires two-way binding: machine a is bound to machine B, and machine B is also bound to

This article provides php emergency code to prevent website attacks. This is definitely not the best solution. I just want to provide it to you for further discussion. Not long ago, a website was attacked and the database was flushed away. Fortunately, there was a database backup on the customer's machine. When encountering such a serious problem, you must promptly identify the vulnerability to

This article provides php emergency code to prevent website attacks. this is definitely not the best solution. I just want to provide it to you for further discussion. Not long ago, a website was attacked and the database was flushed away. Fortunately, there was a database backup on the customer's machine. When encountering such a serious problem, you must promptly identify the vulnerability to

XSS attacks in the recent very popular, often in a piece of code accidentally will be put on the code of XSS attack, see someone abroad written function, I also stole lazy, quietly posted up ...The original text reads as follows: The goal of this function was to being a generic function that can being used to parse almost any input and render it XSS s Afe. For more information on actual XSS attacks