stackoom
  简体   繁体   中英

cURL php upload file detected as IPS attack

 原文  2013-03-27 14:30:04       php/ curl/ firewall

Question

Why my cURL upload file detected as IPS attack by forti firewall : 

function post_files($url, $files,$data=array()) {


    if (!is_array($files)) {
        //Convert to array
        $files[] = $files;
    }
    $n = sizeof($files);
    for ($i = 0; $i < $n; $i++) {
        $data['file' + $i] = "@" . $files[$i];
    }
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 2);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);

    $response = curl_exec($ch);
    return $response;
}

Is there any curl option ?

1 answers

solution1
 2  2013-03-27 14:33:24

With this it seems like the request is from firefox: 

curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.6 (KHTML, like Gecko) Chrome/16.0.897.0 Safari/535.6');

With this the upload seems to come from the actual site: 

curl_setopt ($ch, CURLOPT_REFERER, "http://domain you should have come from");

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to protect from file upload attack in php? PHP upload file with curl PHP cURL file upload PHP - cURL file upload Upload a file with php curl cURL Upload File to PHP PHP file upload and curl Curl File Upload Php Curl PHP File Upload Upload file with put PHP Curl
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM