堆栈内存溢出
  简体   繁体   English

存储引用站点名称和IP地址的困难

[英]Difficulties in storing referring site name and ip address

 原文  2017-05-24 12:11:13       php/ curl/ joomla3.0/ http-referer

问题描述

My scenario is this : 1st site sends a request with various parameters as query strings by php curl to 2nd site. 我的情况是:第一个站点通过php curl向第二个站点发送带有各种参数的请求作为查询字符串。 2nd site class method handles the request with various comparisons on the incoming parameters and stores some data in table along with referring site(1st site) name and IP address by this way - 第二站点类方法通过对传入参数进行各种比较来处理请求,并通过这种方式将一些数据与引用站点(第一站点)名称和IP地址一起存储在表中- 

$url = parse_url($_SERVER['HTTP_REFERER']);
$ref_site = $url['host'];
$ref_site_ip = gethostbyname($ref_site);

But it's not working in my production server when i was testing it, there is no value for $ref_site and $ref_site_ip variables meaning $_SERVER['HTTP_REFERER'] is not working for many reasons, may be for 1st site's curl request.... 但是当我对其进行测试时,它在我的生产服务器中不起作用,$ ref_site和$ ref_site_ip变量没有任何值,这意味着$ _SERVER ['HTTP_REFERER']由于许多原因而无法工作,可能是因为第一个站点的curl请求... 。

does following works properly ? 以下工作正常吗? 

$_SERVER['REMOTE_ADDR'], $_SERVER['REMOTE_HOST']

It's look like by $_SERVER['REMOTE_ADDR'] i saw a IP address which i did not verify fully for whether it's referring site(1st site) ip or 2nd site ip, i will update about it soon if possible. 看起来好像是$ _SERVER ['REMOTE_ADDR'],我看到一个IP地址,我没有完全验证它是引用站点(第一站点)ip还是第二站点ip,如果可能,我会尽快对其进行更新。

Now what other ways i can get referring site name and IP certainly ? 现在,我还能通过什么其他方式肯定会引用站点名称和IP?

FYI I will have no control on 1st site codes because those sites will be of various users and those site codes used curl to send request which i definitely know coz those are my known cms site. 仅供参考,我将无法控制第一站点代码,因为那些站点将是各种用户,并且那些站点代码使用curl发送请求,我当然知道这些是我已知的cms站点。

1 个解决方案

解决方案1
 0  2017-05-26 13:34:25

You can use IP protection later in .htaccess like this. 您可以稍后在.htaccess使用IP保护,如下所示。

This will block all files in folder cron 这将阻止cron文件夹中的所有文件 

<FilesMatch "cron\.php$">
    Order deny,allow
    Deny from all
    Allow from 10.0.0.0/24
</FilesMatch>

This will only block files with name cron.php 这只会阻止名称为cron.php文件 

<Files "cron.php">
    Order deny,allow
    Deny from all
    Allow from 10.0.0.0/24
</Files>

Now to your security. 现在到您的安全。 The best way would be to create hash for every query. 最好的方法是为每个查询创建哈希。 For instance in the file that send request. 例如在发送请求的文件中。 

$time = time();
$secret = 'MySecretWord';
// Your IP address that will be detected in $_SERVER['REMOTE_ADDR'] on accepting server
$ip = '10.10.10.10'; 
$hash = md5($time.$ip.$secret);

Now you include this $hash and $time into GET request. 现在,您将此$hash$time在GET请求中。 And on accepting site 并在接受网站上 

$ip = $_SERVER['REMOTE_ADDR']
$time = $_GET['time'];
$secret = 'MySecretWord';
$hash = md5($time.$ip.$secret);

if($hash != $_GET['hash'])
{
    echo "Back off a*hole!";
    exit;
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 获取PHP中的推荐站点IP地址 - Get referring site IP address in PHP 存储获取和存储IP地址 - Storing getting and storing IP address 在MySQL中存储IP地址? - storing ip address in mysql? 确定引荐站点的 IP 地址 - Determine I.P. Address of Referring Site 将数据库中的IP地址存储为整数 - Storing IP address in database as integer 为它存储IP地址或地理数据 - storing ip address or geo data for it (PHP)存储点击的IP地址 - (PHP) storing IP address of clicks 如何通过域名和IP地址访问WordPress网站? - How to make WordPress site accessible via both domain name and IP address? 在存储之前加密用户的IP地址 - Encrypting user's IP address before storing it IP地址的存储记录(数据库替代) - Storing Record for IP Address (DB Alternative)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM