有人企图探测你的网站旧漏洞,或其他系统中的漏洞,可以在网站上添加以下代码来阻止:
1、复制并粘贴以下代码到你最喜爱的文本编辑器中的新文本文件。
2、以"block_probing.php"命名文件并保存。并且上传到你的商店的下面文件夹中:
a)
/your_renamed_admin/includes/extra_configures/
b)
/includes/extra_configures/
代码:
http://www.zen-cart.com/license/2_0.txt
GNU Public License V2.0
* @copyright Portions Copyright
2008,2009,2010,2011 GNU/GPL V.2 BY MIKE H. HTTP://WWW.SPAMBOTSECURITY.COM
* @version $Id: vuln_trap.php 15882 2011-09-01
08:23:55Z drbyte $
*/
$paramsToCheck = array();
// List of strings to
search for and block
$paramsToCheck[] =
'.php/login.php';
$paramsToCheck[] =
'.php/password_forgotten.php';
$paramsToCheck[] =
'.php/sqlpatch.php';
$paramsToCheck[] =
'file_manager.php';
$paramsToCheck[] =
'index.html?';
$paramsToCheck[] = ':2082';
$paramsToCheck[] = ':2083';
$paramsToCheck[] = ':2086';
$paramsToCheck[] = ':2087';
// processing
****************************
/**
* inoculate against hack attempts which waste
CPU cycles
*/
$contaminated =
(isset($_FILES['GLOBALS']) || isset($_REQUEST['GLOBALS'])) ? true : false;
$paramsToAvoid = array('GLOBALS', '_COOKIE', '_ENV',
'_FILES', '_GET', '_POST', '_REQUEST',
'_SERVER', '_SESSION', 'HTTP_COOKIE_VARS', 'HTTP_ENV_VARS', 'HTTP_GET_VARS', 'HTTP_POST_VARS',
'HTTP_POST_FILES', 'HTTP_RAW_POST_DATA',
'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS');
$paramsToAvoid[] =
'autoLoadConfig';
$paramsToAvoid[] =
'mosConfig_absolute_path';
$paramsToAvoid[] = 'hash';
$paramsToAvoid[] = 'main';
foreach($paramsToAvoid as
$key) {
if (isset($_GET[$key]) || isset($_POST[$key])
|| isset($_COOKIE[$key])) {
$contaminated = true;
break;
}
}
if ($contaminated)
{
header('HTTP/1.1 406 Not Acceptable');
exit(0);
}
$requesturi=@$_SERVER['REQUEST_URI'];
$lcrequesturi=strtolower($requesturi);
$query2=$useragent="";
if(isset($_SERVER['QUERY_STRING'])){$query2=@$_SERVER['QUERY_STRING'];}
$query=strtolower($query2);
$querydec2=urldecode($query2);
// urldecoded to make signature writing for detection matching easier
$querydec=strtolower($querydec2);
$querydecsws=preg_replace('/s+/','',$querydec);
$querydecsws=preg_replace("/[^x9xAxDx20-x7F]/",'',$querydecsws);
if(isset($_SERVER['HTTP_USER_AGENT'])){$useragent=@$_SERVER['HTTP_USER_AGENT'];}
$lcuseragent=strtolower($useragent);
$lcuseragentsws=preg_replace('/s+/','',$lcuseragent);
$lcuseragentsws=preg_replace("/[^x9xAxDx20-x7F]/",'',$lcuseragentsws);
foreach ($paramsToCheck as
$key => $val) {
if (substr_count($lcrequesturi, $val) ||
substr_count($query, $val) || substr($query, -1) == '?') {
$contaminated = TRUE;
}
}
unset($paramsToCheck,
$paramsToAvoid, $key, $val);
if ($contaminated)
{
header('HTTP/1.1 406 Not Acceptable');
exit(0);
}
unset($contaminated);
unset($query2, $query, $querydec2, $querydec, $querydecsws,
$useragent, $lcuseragent,
$lcuseragentsws, $requesturi, $lcrequesturi, $lcrequesturisws, $lcpost, $lcpostsws);
/* *** END OF INNOCULATION
*** */ |