We are getting spurious PHP Warnings
which we cannot duplicate.
All PHP Warning occur when we the following URL is [ .php?prod='0=A ]
is accessed.
All the domain addresses appear to be far-flung and seemingly unrelated to us or indeed each other and could well be malicious. We block an ip address and it pops up with a new ip address.
As I say we can't duplicate the error so I'm wondering if anyone has seen similar or has a suggestion as to how we can permanently block all access to [ .php?prod='0=A ]
I know this is perhaps not the best forum but frankly I'm stumped.
PHP Warning: mysql_fetch_assoc() expects parameter 1 to be resource, boolean given in
You can configure web server to block unwanted requests. Here is example of blocking ?prod='0=A
using nginx:
# %27 means ' character
if ($arg_prod = "%270=A") {
return 403;
}
Also I suggest you to take a look to ready WAF solutions like mod_security or naxsi to block suspicious requests automatically.
I think you are trying to fetch result form query but result is certainly false and it means there is a database error.
here is mysql_fetch_assoc doc check this
You can block such urls from your htaccess file with RewriteRule
RewriteCond %{QUERY_STRING} (?=%27|%22).*
RewriteRule ^.* - [F]
This rule will throw a 403 server response to forbid such urls. Instead of throwing a 403 Forbidden response you may redirect to index page
%27 - URL encoded value for single quotes
%22 - URL encoded value for double quotes
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.