
如何阻止黑客探测zencart活动

如果有人企图探测你的 ZenCart 网站中的旧漏洞，或其他系统中的漏洞，可以在网站上添加以下代码来阻止：

1、将以下代码复制并粘贴到你常用的文本编辑器中新建的文本文件里。

2、将文件命名为"block_probing.php"并保存，然后上传到你商店的以下文件夹中：

a) /your_renamed_admin/includes/extra_configures/

b) /includes/extra_configures/

代码:

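// block_probing.php
//
// Rejects requests that carry well-known probing signatures before Zen Cart
// does any real work: first by refusing requests that try to inject PHP
// superglobals or other framework internals as parameters, then by matching
// the request URI / query string against a short signature list.
//
// The file must open with the PHP open tag, otherwise the server sends this
// code to the browser as plain text instead of executing it.
//
// Changes against the originally published version:
//   - the regex patterns had lost their backslashes when the page was
//     rendered ('/s+/' strips the letter "s", not whitespace); the
//     whitespace-stripped query/user-agent variants were never consulted
//     anyway, so they are not computed any more;
//   - the @ silencer on $_SERVER reads is replaced by isset() checks;
//   - signatures are matched against the url-decoded query string as well,
//     so a percent-encoded probe does not slip past the raw comparison.

// URI / query-string fragments that only show up in automated probing
// (legacy admin scripts, file managers, control-panel ports).
$paramsToCheck = array();

// List of strings to search for and block
$paramsToCheck[] = '.php/login.php';
$paramsToCheck[] = '.php/password_forgotten.php';
$paramsToCheck[] = '.php/sqlpatch.php';
$paramsToCheck[] = 'file_manager.php';
$paramsToCheck[] = 'index.html?';
$paramsToCheck[] = ':2082';
$paramsToCheck[] = ':2083';
$paramsToCheck[] = ':2086';
$paramsToCheck[] = ':2087';

// processing ****************************

/**
 * inoculate against hack attempts which waste CPU cycles
 */

// Any request that tries to pass GLOBALS as an upload or request parameter
// is hostile by definition.
$contaminated = isset($_FILES['GLOBALS']) || isset($_REQUEST['GLOBALS']);

// Parameter names that a legitimate visitor never sends: PHP superglobals
// (old and new spellings) plus a few framework internals probed by scanners.
$paramsToAvoid = array('GLOBALS', '_COOKIE', '_ENV', '_FILES', '_GET', '_POST', '_REQUEST', '_SERVER', '_SESSION', 'HTTP_COOKIE_VARS', 'HTTP_ENV_VARS', 'HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_POST_FILES', 'HTTP_RAW_POST_DATA', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS');
$paramsToAvoid[] = 'autoLoadConfig';
$paramsToAvoid[] = 'mosConfig_absolute_path';
$paramsToAvoid[] = 'hash';
$paramsToAvoid[] = 'main';

foreach ($paramsToAvoid as $key) {
  if (isset($_GET[$key]) || isset($_POST[$key]) || isset($_COOKIE[$key])) {
    $contaminated = true;
    break;
  }
}

if ($contaminated) {
  header('HTTP/1.1 406 Not Acceptable');
  exit(0);
}

// Read the request data with isset() rather than the @ silencer so that other
// notices are not hidden; everything is lower-cased so that signature matching
// is case-insensitive.
$requesturi = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
$lcrequesturi = strtolower($requesturi);

$query2 = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
$query = strtolower($query2);

// urldecoded to make signature writing for detection matching easier, and so
// that a percent-encoded signature is still caught.
$querydec2 = urldecode($query2);
$querydec = strtolower($querydec2);

// A query string ending in a bare '?' never comes from the store's own links.
if (substr($query, -1) === '?') {
  $contaminated = true;
}

foreach ($paramsToCheck as $val) {
  if (substr_count($lcrequesturi, $val) > 0
      || substr_count($query, $val) > 0
      || substr_count($querydec, $val) > 0) {
    $contaminated = true;
    break;
  }
}

unset($paramsToCheck, $paramsToAvoid, $key, $val);

if ($contaminated) {
  header('HTTP/1.1 406 Not Acceptable');
  exit(0);
}

// Clean up so that none of these names leak into the global scope of the
// application that includes this file.
unset($contaminated, $query2, $query, $querydec2, $querydec, $requesturi, $lcrequesturi);

/* *** END OF INNOCULATION *** */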