堆栈内存溢出
  简体   繁体   English

检测是否使用PHP安装了Mod_Security?

[英]Detect if Mod_Security Is Installed With PHP?

 原文  2010-07-05 22:34:54       php/ mod-security

问题描述

Is there any simple way to detect if mod_security is installed & enabled using just PHP? 是否有任何简单的方法来检测是否仅使用PHP安装和启用了mod_security? Ideally without any exec() terminal type commands to be executed. 理想情况下,不执行任何exec()终端类型命令。

Some people have recommended using apache_get_modules() but this specific web-host does not allow it to show. 有些人建议使用apache_get_modules(),但这个特定的Web主机不允许它显示。 This is also mentioned by other users here: http://www.devcomments.com/apache_get_modules-solution-to130703.htm 其他用户也提到了这一点: http//www.devcomments.com/apache_get_modules-solution-to130703.htm

4 个解决方案

解决方案1
 4  2010-07-05 22:43:33

Try the apache_get_modules function to get an array of the loaded modules. 尝试使用apache_get_modules函数获取已加载模块的数组。 If that module is loaded but not listed there, you might want to try phpinfo with phpinfo(INFO_MODULES) instead: 如果该模块被加载,但没有列在那里,你可能想尝试phpinfo具有phpinfo(INFO_MODULES)代替: 

ob_start();
phpinfo(INFO_MODULES);
$contents = ob_get_clean();
$moduleAvailable = strpos($contents, 'mod_security') !== false;

解决方案2
 3  2013-08-23 17:47:36

You can do just create a test.php file and use.. 你可以创建一个test.php文件并使用.. 

<?php phpinfo(); ?>

And look at the apache2handler, and look at: Loaded modules.. something like this... 看看apache2handler,然后看看:加载的模块..这样的东西......

http://gyazo.com/bcba303469f23671f7213e1478788cbd.png http://gyazo.com/bcba303469f23671f7213e1478788cbd.png

-Mike -麦克风

解决方案3
 2  2010-07-06 02:24:06

Grasping at straws here. 抓住稻草在这里。

Try having your script make a request to itself (via file_get_contents or maybe the cURL extension) that would trip mod_security. 尝试让您的脚本向自己发送请求(通过file_get_contents或cURL扩展名),这将触发mod_security。 If it returns a 403 (or whatever mod_security's default response is), that should be enough information for you to go on... 如果它返回403(或任何mod_security的默认响应),这应该是足够的信息让你继续...

解决方案4
 0  2018-11-07 03:29:17

您可以搜索get_loaded_extensions()函数并使用array_intersect(),如果找不到任何匹配项,则返回数组中的匹配值,否则返回空数组。 

$modSecurity = !empty(array_intersect(array_map('strtolower', get_loaded_extensions()), array('mod_security', 'mod security'))) ? true : false;

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP共享主机和mod_security - php shared host and mod_security 如何编写mod_security友好的PHP代码? - How to write mod_security friendly PHP code? 禁用bridge.php脚本的mod_security - disable mod_security for a bridge.php script 如何检查是否使用PHP激活mod_security(没有卷曲) - How to check if mod_security is activated with PHP (without curl) 网址中带有“〜”字样的Mod_security 406 - Mod_security 406 with a '~' in the URL ResourceSpace 应用程序和 mod_security 的问题 - Issue with ResourceSpace app and mod_security 在EC2上安装mod_security - Installing mod_security on EC2 如何在.htaccess中禁用mod_security和mod_security2 - How to disable mod_security and mod_security2 in .htaccess 如何在 Windows 2008 IIS 上启用 mod_security - How to enable mod_security on Windows 2008 IIS 大文件上传时出现 Apache 错误 500 (mod_security) - Apache error 500 on large file uploads (mod_security)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM