一些针对您网站的常见探测尝试，通常利用的是旧漏洞或其他系统中的漏洞；在您的网站中添加以下代码即可封锁这类探测：
1. 在您常用的文本编辑器中新建一个文本文件，将下面的代码复制并粘贴进去。
2. 将文件保存为 "block_probing.php"，并上传到您店铺的以下文件夹：
a) /your_renamed_admin/includes/extra_configures/
b) /includes/extra_configures/
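/**
 * Block common probing requests aimed at old or foreign-application vulnerabilities.
 *
 * Zen Cart loads every file in includes/extra_configures/ on each request, so this
 * runs in global scope before the page itself. Two independent checks are made:
 *   1. Requests that try to set PHP superglobals or well-known application
 *      variables (e.g. "GLOBALS", "mosConfig_absolute_path") via GET, POST,
 *      COOKIE or FILES.
 *   2. Request URIs / query strings that contain one of the signatures in
 *      $paramsToCheck, or a query string ending in a bare "?".
 * A matching request is answered with "406 Not Acceptable" and processing stops.
 * Nothing is logged here; the 406 in the web-server access log is the only trace.
 *
 * This code must live in a file that starts with an opening "<?php" tag.
 *
 * @package security
 * @copyright Copyright 2003-2011 Zen Cart Development Team
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @copyright Portions Copyright 2008,2009,2010,2011 GNU/GPL V.2 BY MIKE H. HTTP://WWW.SPAMBOTSECURITY.COM
 * @version $Id: vuln_trap.php 15882 2011-09-01 08:23:55Z drbyte $
 */

// Substrings that identify a probe when found (case-insensitively) in the
// request URI or the query string. All entries must be lower-case and non-empty.
$paramsToCheck = array(
    '.php/login.php',
    '.php/password_forgotten.php',
    '.php/sqlpatch.php',
    'file_manager.php',
    'index.html?',
    ':2082',
    ':2083',
    ':2086',
    ':2087',
);

// Request parameter names that legitimate shop traffic never sends; their
// presence indicates an attempt to inject superglobals or application settings.
$paramsToAvoid = array(
    'GLOBALS', '_COOKIE', '_ENV', '_FILES', '_GET', '_POST', '_REQUEST',
    '_SERVER', '_SESSION',
    'HTTP_COOKIE_VARS', 'HTTP_ENV_VARS', 'HTTP_GET_VARS', 'HTTP_POST_VARS',
    'HTTP_POST_FILES', 'HTTP_RAW_POST_DATA', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS',
    'autoLoadConfig',
    'mosConfig_absolute_path',
    'hash',
    'main',
);

// processing ****************************
/**
 * inoculate against hack attempts which waste CPU cycles
 */
$contaminated = isset($_FILES['GLOBALS']) || isset($_REQUEST['GLOBALS']);
foreach ($paramsToAvoid as $key) {
    if (isset($_GET[$key]) || isset($_POST[$key]) || isset($_COOKIE[$key])) {
        $contaminated = true;
        break;
    }
}
if ($contaminated) {
    header('HTTP/1.1 406 Not Acceptable');
    exit(0);
}

// Normalise the request for signature matching: everything is lower-cased, and
// the query string is additionally URL-decoded so that percent-encoded variants
// of a signature are caught as well. Missing server values are treated as ''
// instead of being read under the "@" suppression operator.
$requesturi   = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
$lcrequesturi = strtolower($requesturi);
$query2       = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
$query        = strtolower($query2);
$querydec     = strtolower(urldecode($query2)); // urldecoded to make signature writing easier

// A query string that ends in a bare "?" is treated as a probe on its own;
// this does not depend on the signature list, so it is checked once, outside the loop.
$contaminated = (substr($query, -1) === '?');
foreach ($paramsToCheck as $val) {
    if (substr_count($lcrequesturi, $val) > 0
        || substr_count($query, $val) > 0
        || substr_count($querydec, $val) > 0
    ) {
        $contaminated = true;
        break;
    }
}
unset($paramsToCheck, $paramsToAvoid, $key, $val);
if ($contaminated) {
    header('HTTP/1.1 406 Not Acceptable');
    exit(0);
}

// This file runs in Zen Cart's global scope: drop every variable it introduced
// so nothing leaks into the rest of the request.
unset($contaminated, $requesturi, $lcrequesturi, $query2, $query, $querydec);
/* *** END OF INNOCULATION *** */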