Is it possible to disable/prevent user from chaneg CURLOPT_REFERER in curl?
Hello
For security reason we would like to disable user's php code to use CURLOPT_REFERER on CURL.
Is it possible to prevent it?
Regards
-
Hello :) While you could disable cURL itself through a custom php.ini file if you are using suPHP, I am not sure it's possible to disable CURLOPT_REFERER on a per-account basis. Could you elaborate on the specific security concern you have with it? Thank you. 0 -
Hello There is a "Report-Type: login-attack Service: bruteforcelogin" attack from a script on our server to another server: [QUOTE][15/Jan/2014:11:52:25 +0100] "POST wp-login.php HTTP/1.1" 200 3783 "-" "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0"
I can't find the script because it changes the CURLOPT_REFERER0
Please sign in to leave a comment.
Comments
2 comments