Author Topic: Need some help. (Website & PHP) (Read 2700 times)

LuaTenshi · « **on:** October 18, 2013, 10:44:04 PM »

I was wondering how would I stop things like...

?=PHPE9568F36-D428-11d2-A769-00AA001ACF42A PHP Easter egg.

and...

?=;"A strange blank page that has the forums theme.

from bringing up pages that I do not want my users to see.

I have recently installed this... http://www.php-firewall.info/ ( not even sure if its working... ). But it has not fixed what I wanted it to fix.

...and yes I am very new to this whole thing.

Megiddo · « **Reply #1 on:** October 19, 2013, 07:32:39 AM »

Take a step back: why does it matter? If users are hand-crafting URLs, of course they'll get odd results.

JamminR · « **Reply #2 on:** October 19, 2013, 08:35:42 AM »

Megiddo, because each version of PHP has it's own egg, and, each version has it's own set of potential vulnerabilities.
It's a limited method of determining PHP version, which then could lead to more specific attack vectors.

Using google, 'disable PHP easter egg', I found this nice article explaining some of it, including some solutions.
http://blog.detectify.com/post/34559130700/do-you-dare-to-show-your-php-easter-egg

Ulysses

Author Topic: Need some help. (Website & PHP) (Read 2700 times)

LuaTenshi

Need some help. (Website & PHP)

Megiddo

Re: Need some help. (Website & PHP)

JamminR

Re: Need some help. (Website & PHP)