堆栈内存溢出
  简体   繁体   English

$ _SERVER ['HTTP_HOST']和$ _SERVER ['SERVER_NAME']检测问题

[英]$_SERVER['HTTP_HOST'] AND $_SERVER['SERVER_NAME'] Detection Issue

 原文  2017-11-05 11:36:48       php/ security/ proxy

问题描述

I have one website that generates a good traffic and i have found that other website is cloaking my website and i have problem on how to detect it with PHP so i can block it. 我有一个网站产生了良好的访问量,但我发现其他网站掩盖了我的网站,我在如何使用PHP进行检测方面存在问题,因此我可以将其阻止。

First of all I have added echo $_SERVER['HTTP_HOST'] or echo $_SERVER['SERVER_NAME'] to my code and when i access this cloaking websitethe result is right. 首先,我在代码中添加了echo $_SERVER['HTTP_HOST']echo $_SERVER['SERVER_NAME'] ,当我访问该隐身网站时,结果是正确的。 It shows me the name of the website (cloakingwebsite.com) that is cloaking mywebsite.com 它向我显示了掩盖mywebsite.com的网站(cloakingwebsite.com)的名称

So i am now on cloakingwebsite.com (not my domain), with this code added on mywebsite.com (my domain) 所以我现在在cloakingwebsite.com(不是我的域)上,并将此代码添加到mywebsite.com(我的域)上 

if($_SERVER['HTTP_HOST'] == "cloakingwebsite.com" || $_SERVER['SERVER_NAME'] == "cloakingwebsite.com"){
    echo "you are on cloakingwebsite.com";
}
else if($_SERVER['HTTP_HOST'] == "mywebsite.com" || $_SERVER['SERVER_NAME'] == "mywebsite.com"){
     echo "you are on mywebsite.com";
}

and i get you are on mywebsite.com 我知道你在mywebsite.com

Conclusion: 结论:

If i use $_SERVER['HTTP_HOST'] or $_SERVER['SERVER_NAME'] with echo or print the result is right but if i use them with if and else statement the result is not right. 如果我使用$ _SERVER ['HTTP_HOST']$ _SERVER ['SERVER_NAME']进行回显打印 ,结果将是正确的,但是如果我将它们与ifelse语句一起使用, 结果将不正确。

I don't know much about virtual or real ip and SERVER_NAME or HTTP_HOST but this looks like a security issue for me. 我对虚拟或真实IP和SERVER_NAME或HTTP_HOST不太了解,但这对我来说似乎是一个安全问题。

All my users that search for my website on google find this cloaking website and they login on my website trough this one because it is also managing cookies and everything. 我所有在google上搜索我的网站的用户都找到了这个隐藏的网站,他们通过这个网站登录我的网站,因为它还管理着cookie和其他所有内容。 As far as i know these websites may got all my users login info that goes trough them. 据我所知,这些网站可能会让我所有的用户登录信息通过他们。 I have searched all the internet for a solution and that was javascript. 我已经在互联网上搜索了一个解决方案,那就是javascript。 I did that but now they got smart they filter and remove all javascript codes. 我这样做了,但现在他们变得聪明了,他们过滤并删除了所有JavaScript代码。

So the only option for me is $_SERVER['HTTP_HOST'] or $_SERVER['SERVER_NAME'] witch are not detected right. 因此,对我来说,唯一的选择是$ _SERVER ['HTTP_HOST']$ _SERVER ['SERVER_NAME']没有正确检测到。

I run PHP 7.1 on NGINX 我在NGINX上运行PHP 7.1

Any solution please? 有什么解决办法吗?

myWebsite.com HEADERS myWebsite.com标题 

[USER] => www-data
[HOME] => /var/www
[HTTP_CF_CONNECTING_IP] => 3a02:3f0e:5260:664:75fb:bb5a:f2a6:1ea3
[HTTP_COOKIE] => __cfduid=d7711ced6c319ac0aa615de5f64160b561509570260;
[HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.8,it;q=0.6,ro;q=0.4
[HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
[HTTP_UPGRADE_INSECURE_REQUESTS] => 1
[HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
[HTTP_CF_VISITOR] => {"scheme":"https"}
[HTTP_X_FORWARDED_PROTO] => https
[HTTP_CF_RAY] => 3b8d9bf459da7ea0-BUD
[HTTP_X_FORWARDED_FOR] => 3a02:2f0e:3260:664:75fb:bb5a:f2a6:1ea3
[HTTP_CF_IPCOUNTRY] => RO
[HTTP_ACCEPT_ENCODING] => gzip
[HTTP_CONNECTION] => Keep-Alive
[HTTP_HOST] => mywebsite.com
[REDIRECT_STATUS] => 200
[SERVER_NAME] => mywebsite.com
[SERVER_PORT] => 80
[SERVER_ADDR] => ******hiden.ip
[REMOTE_PORT] => 34741
[REMOTE_ADDR] => ****hiden.ip
[SERVER_SOFTWARE] => nginx/1.13.6
[GATEWAY_INTERFACE] => CGI/1.1
[REQUEST_SCHEME] => http
[SERVER_PROTOCOL] => HTTP/1.1
[DOCUMENT_ROOT] => /var/www
[DOCUMENT_URI] => /index.php
[REQUEST_URI] => /
[SCRIPT_NAME] => /index.php
[CONTENT_LENGTH] => 
[CONTENT_TYPE] => 
[REQUEST_METHOD] => GET
[QUERY_STRING] => 
[SCRIPT_FILENAME] => /var/www/index.php
[FCGI_ROLE] => RESPONDER
[PHP_SELF] => /index.php
[REQUEST_TIME_FLOAT] => 1509882770.658
[REQUEST_TIME] => 1509882770

cloakingWbsite.com HEADERS cloakingWbsite.com标头 

[USER] => www-data
[HOME] => /var/www
[HTTP_CF_CONNECTING_IP] => 3a01:3f8:171:2a4c:0:0:0:2
[HTTP_COOKIE] => __cfduid=dcad0dcc3004b494316f306212dc195911509878400;
[HTTP_REFERER] => 
[HTTP_ACCEPT] => */*
[HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
[HTTP_CF_VISITOR] => {"scheme":"https"}
[HTTP_X_FORWARDED_PROTO] => https
[HTTP_CF_RAY] => 3b8f5486a8196349-FRA
[HTTP_X_FORWARDED_FOR] => 2a01:4f8:171:3a4c:0:0:0:2
[HTTP_CF_IPCOUNTRY] => DE
[HTTP_ACCEPT_ENCODING] => gzip
[HTTP_CONNECTION] => Keep-Alive
[HTTP_HOST] => proxywebsite.com
[REDIRECT_STATUS] => 200
[SERVER_NAME] => cloakingwebsite.com
[SERVER_PORT] => 80
[SERVER_ADDR] => ***hidden.ip
[REMOTE_PORT] => 14485
[REMOTE_ADDR] => ***hidden.ip
[SERVER_SOFTWARE] => nginx/1.13.6
[GATEWAY_INTERFACE] => CGI/1.1
[REQUEST_SCHEME] => http
[SERVER_PROTOCOL] => HTTP/1.1
[DOCUMENT_ROOT] => /var/www
[DOCUMENT_URI] => /index.php
[REQUEST_URI] => /
[SCRIPT_NAME] => /index.php
[CONTENT_LENGTH] => 
[CONTENT_TYPE] => 
[REQUEST_METHOD] => GET
[QUERY_STRING] => 
[SCRIPT_FILENAME] => /var/www/index.php
[FCGI_ROLE] => RESPONDER
[PHP_SELF] => /index.php
[REQUEST_TIME_FLOAT] => 1509879844.936
[REQUEST_TIME] => 1509879844

1 个解决方案

解决方案1
 0  2017-11-05 11:44:00

If they truly are proxying your site, you need to determine the IP address of the server they're using and block them. 如果他们确实在代理您的站点,则需要确定他们正在使用的服务器的IP地址并将其阻止。 If you block them from reaching your site, they can't act as a proxy. 如果您阻止他们访问您的网站,则它们不能充当代理。

So you should be looking at Apache, Nginx, or whatever web server you're running, inspect the log files, and look for tons of requests that come from the same IP, research this until you feel confident that it's them who is making those requests. 因此,您应该查看Apache,Nginx或您正在运行的任何Web服务器,检查日志文件,并查找来自同一IP的大量请求,进行研究,直到您确信是由他们来做这些。要求。

Then block them at the firewall level, or by using a service such as CloudFlare. 然后在防火墙级别或使用诸如CloudFlare之类的服务将其阻止。 Note that using a service like CloudFlare would help you avoid this sort of trouble to begin with, because they will be capable of monitoring inhuman amounts of traffic for you. 请注意,使用诸如CloudFlare之类的服务可以帮助您避免此类麻烦,因为它们将能够为您监控不人道的流量。 Their service is free. 他们的服务是免费的。 https://www.cloudflare.com/security/ https://www.cloudflare.com/security/

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP中的HTTP_HOST和SERVER_NAME有什么区别? - What is the difference between HTTP_HOST and SERVER_NAME in PHP? $ _SERVER ['SERVER_NAME']和$ _SERVER ['HTTP_HOST']都与实际网址不同 - $_SERVER['SERVER_NAME'] and $_SERVER['HTTP_HOST'] both different than actual URL PHP重定向基于同一域内的HTTP_HOST / SERVER_NAME - PHP redirect based on HTTP_HOST/SERVER_NAME within same domain PHP $ _SERVER ['HTTP_HOST']与$ _SERVER ['SERVER_NAME'],我是否正确理解了手册页? - PHP $_SERVER['HTTP_HOST'] vs. $_SERVER['SERVER_NAME'], am I understanding the man pages correctly? $ _SERVER ['HTTP_HOST']无法识别 - $_SERVER['HTTP_HOST'] not recognized $ _SERVER ['HTTP_HOST']未设置 - $_SERVER['HTTP_HOST'] not set 安全的php主机名信息 - $ _SERVER ['HTTP_HOST']替代方案 - secure php host name information - $_SERVER['HTTP_HOST'] alternative $ _SERVER [HTTP_HOST]是重定向问题的原因吗? - Is $_SERVER[HTTP_HOST] the cause of redirect issues? $ _SERVER [“ HTTP_HOST”]与localhost或127.0.0.1 - $_SERVER[“HTTP_HOST”] with localhost or 127.0.0.1 $ _SERVER [HTTP_HOST]的域错误? - Wrong domain with $_SERVER[HTTP_HOST]?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM