Home > Article > Backend Development > www.teacherclub.com.cn php scripting skills against web scanners

www.teacherclub.com.cn php scripting skills against web scanners

WBOYOriginal: 2016-07-29 08:38:551370browse

Most web scanners (including upload and management background scanners) determine the existence of a page by judging the HTTP 200 return. Based on the existence of the page, these scanning periods will start scanning for vulnerabilities. Since the internal logic cannot be guaranteed to be tight, we will focus on the input/output bottleneck. When an incorrect password is entered or the permission fails, we return a 400 error HTTP message ourselves to mislead the scanner not to continue scanning (including Which manual intruders)
Take PHP as an example:

Copy the code The code is as follows:

ob_start();
if ('Password' != $_GET['password'])
header("HTTP/1.1 404 Not Found");
?>

Sample

The above introduces the scripting skills of www.teacherclub.com.cn PHP against Web scanners, including the content of www.teacherclub.com.cn. I hope it will be helpful to friends who are interested in PHP tutorials.

Statement：

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Previous article：Top Ten Web Game Rankings 2013 PHP Code to Control Web Page Expiration TimeNext article：Top Ten Web Game Rankings 2013 PHP Code to Control Web Page Expiration Time

See more

www.teacherclub.com.cn php scripting skills against web scanners

Related articles