tag:forum.selfhtml.org,2005:/self
How can I protect my website against attacks – SELFHTML-Forum
2019-01-10T08:39:17Z
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740022#m1740022
liebewinter
htmlkurss@web.de
2019-01-04T18:21:22Z
2019-01-04T18:21:22Z
How can I protect my website against attacks
<p>Hello, I would like to ask your opinion on how I can protect my website against attacks…</p>
<p>For example, against <a href="https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29" rel="nofollow noopener noreferrer">XSS</a> attacks... I would also like to learn how to make a URL secure in PHP…</p>
<p>You don't need to write much, just links that explain how to do it; links in English are welcome too... ☺️</p>
<p>Many thanks!</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740023#m1740023
beatovich
https://beat-stoecklin.ch/pub/musik-gitarrenunterricht-laufental.html
2019-01-04T19:18:57Z
2019-01-04T19:18:57Z
How can I protect my website against attacks
<p>hello</p>
<p><a href="https://www.owasp.org/index.php/Main_Page" rel="nofollow noopener noreferrer">https://www.owasp.org/index.php/Main_Page</a></p>
<div class="signature">-- <br>
<a href="https://beat-stoecklin.ch/pub/index.html" rel="nofollow noopener noreferrer">https://beat-stoecklin.ch/pub/index.html</a>
</div>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740026#m1740026
Felix Riesterer
https://felix-riesterer.de
2019-01-05T01:37:59Z
2019-01-05T01:37:59Z
How can I protect my website against attacks
<p>Dear liebewinter,</p>
<blockquote>
<p>how I can protect my website against attacks…</p>
</blockquote>
<p>by knowing what you are doing. That is no joke! The better you know what you are doing, the better you can write your PHP code so that attacks against your site are made harder.</p>
<p>Answering your question is very difficult, because it depends heavily on how you structure your code. As a basic rule, you must treat all data that reaches the web server, i.e. <em><strong>everything in the HTTP request, as potentially malicious</strong></em>, as if all of it were trying to exploit a vulnerability in your PHP code. If you also work with a database such as MySQL or similar, you additionally have to make sure that data from the request cannot simply end up in the SQL code.</p>
<p>The topic is very complex! Do not underestimate it!</p>
<p>Kind regards,</p>
<p>Felix Riesterer.</p>
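<p>Added example, not part of the post above: one way to treat request data as untrusted on the way in (validation), on the way into SQL (prepared statement) and on the way out (HTML escaping). The field names <code>Name</code>, <code>Email</code> and <code>Message</code> follow the contact form posted later in this thread; the <code>comments</code> table, the function names and the in-memory SQLite database (requires the pdo_sqlite extension) are assumptions.</p>

```php
<?php
declare(strict_types=1);

// Added example; table, function names and sample data are assumptions/constructed.

/** Return a trimmed string field, or null if it is missing, not a string, empty or too long. */
function readField(array $request, string $key, int $maxLen): ?string
{
    if (!isset($request[$key]) || !is_string($request[$key])) {
        return null; // missing, or an array such as Name[]=x
    }
    $value = trim($request[$key]);
    if ($value === '' || strlen($value) > $maxLen) {
        return null;
    }
    return $value;
}

/** Validate the request and store it with a prepared statement; request data never becomes SQL text. */
function storeComment(PDO $db, array $request): bool
{
    $name    = readField($request, 'Name', 80);
    $email   = readField($request, 'Email', 254);
    $message = readField($request, 'Message', 2000);
    if ($name === null || $email === null || $message === null
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }
    $stmt = $db->prepare(
        'INSERT INTO comments (name, email, message) VALUES (:name, :email, :message)'
    );
    return $stmt->execute([':name' => $name, ':email' => $email, ':message' => $message]);
}

/** Escape every stored value at output time, for the HTML context it is written into. */
function renderComments(PDO $db): string
{
    $html = '';
    foreach ($db->query('SELECT name, message FROM comments ORDER BY id') as $row) {
        $html .= '<p><b>' . htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8') . '</b>: '
               . htmlspecialchars($row['message'], ENT_QUOTES, 'UTF-8') . '</p>' . PHP_EOL;
    }
    return $html;
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, name TEXT, email TEXT, message TEXT)');

// Constructed request data standing in for $_POST.
$requests = [
    // Quote and markup are stored as plain data and escaped when rendered.
    ['Name' => "O'Brien", 'Email' => 'ob@example.org', 'Message' => 'Hello <b>there</b>'],
    // Array instead of string: rejected by readField().
    ['Name' => ['x'], 'Email' => 'a@example.org', 'Message' => 'hi'],
    // Invalid e-mail address: rejected by filter_var().
    ['Name' => 'Eve', 'Email' => 'not-an-email', 'Message' => 'hi'],
];

foreach ($requests as $request) {
    var_dump(storeComment($db, $request));
}
echo renderComments($db);
```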
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740028#m1740028
TS
ts-self@online.de
https://bitworks.de
2019-01-05T08:44:01Z
2019-01-05T08:44:01Z
How can I protect my website against attacks
<p>Hello,</p>
<p>you have to distinguish between</p>
<ul>
<li>vulnerability due to system flaws</li>
<li>vulnerability due to programming errors</li>
<li>vulnerability due to missing attack monitoring and defence</li>
</ul>
<p>You have to provide for the third variant in your programming from the start, e.g. through logging.</p>
<p>If, for example, 10 consecutive failed login attempts come from one IP, you can have it blocked (by system tools). The same goes for disallowed uploads, etc.</p>
<p>Programming errors are mostly those that allow uncontrolled writing (e.g. through uploads) on your server. You must avoid those!</p>
<p>Glück Auf<br>
Tom vom Berg</p>
<div class="signature">-- <br>
There is nothing good unless you do it!<br>
Life itself is the meaning.<br>
</div>
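<p>Added example, not part of the post above: the logging-plus-threshold rule it describes, as PHP that writes one parseable line per login attempt and reports the IPs with 10 consecutive failures so that a system tool can block them. The log line format, the function names and the sample addresses are assumptions constructed for this example.</p>

```php
<?php
declare(strict_types=1);

// Added example; log format, function names and sample data are assumptions/constructed.

/** Build one log line per login attempt. The IP is validated so it cannot inject extra log fields. */
function formatLoginLogLine(string $ip, bool $success, int $timestamp): ?string
{
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return null;
    }
    return sprintf(
        '%s login_%s ip=%s',
        gmdate('Y-m-d\TH:i:s\Z', $timestamp),
        $success ? 'ok' : 'failed',
        $ip
    );
}

/**
 * Return the IPs that produced at least $threshold failed logins in a row.
 * A successful login from the same IP resets its streak.
 */
function findIpsToBlock(array $lines, int $threshold = 10): array
{
    $streak = [];
    $block  = [];
    foreach ($lines as $line) {
        if (!preg_match('/^\S+ login_(ok|failed) ip=(\S+)$/', trim($line), $m)) {
            continue; // not a login line, or malformed
        }
        [, $result, $ip] = $m;
        if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
            continue;
        }
        if ($result === 'ok') {
            $streak[$ip] = 0;
            continue;
        }
        $streak[$ip] = ($streak[$ip] ?? 0) + 1;
        if ($streak[$ip] >= $threshold) {
            $block[$ip] = true;
        }
    }
    return array_keys($block);
}

// Constructed sample log: documentation-range addresses, arbitrary start time.
$t = 1546675200;
$lines = [];
for ($i = 0; $i < 10; $i++) {           // 10 failures in a row: reported
    $lines[] = formatLoginLogLine('203.0.113.7', false, $t + $i);
}
for ($i = 0; $i < 9; $i++) {            // 9 failures ...
    $lines[] = formatLoginLogLine('198.51.100.4', false, $t + 20 + $i);
}
$lines[] = formatLoginLogLine('198.51.100.4', true, $t + 30);   // ... then a success resets the streak
for ($i = 0; $i < 3; $i++) {
    $lines[] = formatLoginLogLine('198.51.100.4', false, $t + 40 + $i);
}

print_r(findIpsToBlock($lines));
```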
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740089#m1740089
pl
2019-01-06T15:05:04Z
2019-01-06T15:05:04Z
How can I protect my website against attacks
<p>Attackers manipulate request headers, e.g. pretending to send an entirely different enctype than the one they actually send. This can lead the server to answer such requests with information that it does not give out in normal operation.</p>
<p>Furthermore, buffer overflows can crash the server and downstream processes, which also causes a certain amount of damage.</p>
<p>Checking for and securing against such things is a wide field of activity.</p>
<p>Regards</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740027#m1740027
Felix Riesterer
https://felix-riesterer.de
2019-01-05T01:40:45Z
2019-01-05T01:40:45Z
How can I protect my website against attacks
<p>Dear beatovich,</p>
<p>with all due respect, the links in your posting are not suited to answering the OP's question even remotely!</p>
<p>Kind regards,</p>
<p>Felix Riesterer.</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740174#m1740174
liebewinter
htmlkurss@web.de
2019-01-07T17:54:10Z
2019-01-07T17:54:10Z
How can I protect my website against attacks
<p>I don't have a database right now; first I want to finish my website... I <a href="http://htmlkurss.xyz/index.php" rel="nofollow noopener noreferrer">have</a> made a website as a test, I want to learn with it first... I only have two PHP files on it, these are them...</p>
<p><strong>First:</strong></p>
<pre><code class="block language-php"><span class="token php language-php"><span class="token delimiter important"><?php</span>
<span class="token keyword">class</span> <span class="token class-name-definition class-name">ClassProveContakt3</span>
<span class="token punctuation">{</span>
<span class="token keyword">private</span> <span class="token variable">$Name</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token variable">$Email</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token variable">$Message</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token variable">$PostOK</span> <span class="token operator">=</span> <span class="token constant boolean">false</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token variable">$DateTime</span> <span class="token operator">=</span> <span class="token constant boolean">false</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token variable">$items</span> <span class="token operator">=</span> <span class="token constant boolean">false</span><span class="token punctuation">;</span>
<span class="token keyword">function</span> <span class="token function-definition function">__construct</span><span class="token punctuation">(</span><span class="token punctuation">)</span>
<span class="token punctuation">{</span>
<span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">DateTime</span> <span class="token operator">=</span> <span class="token function">date</span><span class="token punctuation">(</span><span class="token string single-quoted-string">'m/d/Y h:i:s a'</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">items</span> <span class="token operator">=</span> <span class="token punctuation">[</span><span class="token string single-quoted-string">'Name'</span><span class="token punctuation">,</span> <span class="token string single-quoted-string">'Email'</span><span class="token punctuation">,</span> <span class="token string single-quoted-string">'Message'</span><span class="token punctuation">]</span><span class="token punctuation">;</span>
<span class="token variable">$flag</span> <span class="token operator">=</span> <span class="token constant boolean">true</span><span class="token punctuation">;</span>
<span class="token keyword">foreach</span> <span class="token punctuation">(</span> <span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">items</span> <span class="token keyword">as</span> <span class="token variable">$key</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span> <span class="token keyword">empty</span> <span class="token punctuation">(</span> <span class="token variable">$_POST</span><span class="token punctuation">[</span><span class="token variable">$key</span><span class="token punctuation">]</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token variable">$flag</span> <span class="token operator">=</span> <span class="token constant boolean">false</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span> <span class="token keyword">else</span> <span class="token punctuation">{</span>
<span class="token variable">$this</span> <span class="token operator">-></span> <span class="token variable">$key</span> <span class="token operator">=</span> <span class="token function">trim</span><span class="token punctuation">(</span> <span class="token function">filter_var</span><span class="token punctuation">(</span> <span class="token variable">$_POST</span><span class="token punctuation">[</span><span class="token variable">$key</span><span class="token punctuation">]</span><span class="token punctuation">,</span> <span class="token constant">FILTER_SANITIZE_STRING</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
<span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">PostOk</span> <span class="token operator">=</span> <span class="token variable">$flag</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token keyword">function</span> <span class="token function-definition function">ShowForm</span><span class="token punctuation">(</span><span class="token punctuation">)</span>
<span class="token punctuation">{</span>
<span class="token delimiter important">?></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>form</span> <span class="token attr-name">method</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>POST<span class="token punctuation">"</span></span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>label</span> <span class="token attr-name">for</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>name<span class="token punctuation">"</span></span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>b</span><span class="token punctuation">></span></span>Name * <span class="token tag"><span class="token tag"><span class="token punctuation"></</span>b</span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"></</span>label</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>input</span> <span class="token attr-name">type</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>text<span class="token punctuation">"</span></span> <span class="token attr-name">id</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>name<span class="token punctuation">"</span></span> <span class="token attr-name">name</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>Name<span class="token punctuation">"</span></span> <span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>label</span> <span class="token attr-name">for</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>email<span class="token punctuation">"</span></span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>b</span><span class="token punctuation">></span></span> E-mail * <span class="token tag"><span class="token tag"><span class="token punctuation"></</span>b</span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"></</span>label</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>input</span> <span class="token attr-name">type</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>email<span class="token punctuation">"</span></span> <span class="token attr-name">id</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>email<span class="token punctuation">"</span></span> <span class="token attr-name">name</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>Email<span class="token punctuation">"</span></span> <span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>br</span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>br</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>label</span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>b</span><span class="token punctuation">></span></span> Message * <span class="token tag"><span class="token tag"><span class="token punctuation"></</span>b</span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>br</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>textarea</span> <span class="token attr-name">cols</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>45<span class="token punctuation">"</span></span> <span class="token attr-name">rows</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>6<span class="token punctuation">"</span></span> <span class="token attr-name">name</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>Message<span class="token punctuation">"</span></span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"></</span>textarea</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>label</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>br</span><span class="token punctuation">></span></span><span class="token tag"><span class="token tag"><span class="token punctuation"><</span>br</span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"><</span>input</span> <span class="token attr-name">type</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>submit<span class="token punctuation">"</span></span> <span class="token attr-name">name</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>post<span class="token punctuation">"</span></span> <span class="token attr-name">value</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>POST COMMENT<span class="token punctuation">"</span></span> <span class="token attr-name">id</span><span class="token attr-value"><span class="token punctuation attr-equals">=</span><span class="token punctuation">"</span>comment<span class="token punctuation">"</span></span><span class="token punctuation">></span></span>
<span class="token tag"><span class="token tag"><span class="token punctuation"></</span>form</span><span class="token punctuation">></span></span>
<span class="token php language-php"><span class="token delimiter important"><?php</span>
<span class="token punctuation">}</span>
<span class="token keyword">function</span> <span class="token function-definition function">PostOkT</span><span class="token punctuation">(</span><span class="token punctuation">)</span>
<span class="token punctuation">{</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">PostOK</span><span class="token punctuation">)</span>
<span class="token punctuation">{</span>
<span class="token keyword">return</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span><span class="token keyword">empty</span><span class="token punctuation">(</span><span class="token variable">$this</span><span class="token operator">-></span><span class="token property">Name</span><span class="token punctuation">)</span> <span class="token operator">||</span> <span class="token keyword">empty</span><span class="token punctuation">(</span><span class="token variable">$this</span><span class="token operator">-></span><span class="token property">Email</span><span class="token punctuation">)</span> <span class="token operator">||</span> <span class="token keyword">empty</span><span class="token punctuation">(</span><span class="token variable">$this</span><span class="token operator">-></span><span class="token property">Message</span><span class="token punctuation">)</span><span class="token punctuation">)</span>
<span class="token punctuation">{</span>
<span class="token keyword">echo</span> <span class="token string double-quoted-string">"<br>"</span> <span class="token operator">.</span> <span class="token string double-quoted-string">"<b>"</span> <span class="token operator">.</span> <span class="token string double-quoted-string">"<h3>*** Please enter all required fields ***</h3>"</span> <span class="token operator">.</span> <span class="token string double-quoted-string">"</b>"</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token keyword">else</span>
<span class="token punctuation">{</span>
<span class="token variable">$file</span> <span class="token operator">=</span> <span class="token string double-quoted-string">"test.txt"</span><span class="token punctuation">;</span>
<span class="token variable">$datetime</span> <span class="token operator">=</span> <span class="token function">date</span><span class="token punctuation">(</span><span class="token string single-quoted-string">'m/d/Y h:i:s a'</span><span class="token punctuation">,</span> <span class="token function">time</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$data</span> <span class="token operator">=</span> <span class="token keyword">array</span><span class="token punctuation">(</span><span class="token string double-quoted-string">"name"</span> <span class="token operator">=></span> <span class="token variable">$this</span><span class="token operator">-></span><span class="token property">Name</span><span class="token punctuation">,</span> <span class="token string double-quoted-string">"email"</span> <span class="token operator">=></span> <span class="token variable">$this</span><span class="token operator">-></span><span class="token property">Email</span><span class="token punctuation">,</span> <span class="token string double-quoted-string">"message"</span> <span class="token operator">=></span> <span class="token variable">$this</span><span class="token operator">-></span><span class="token property">Message</span><span class="token punctuation">,</span> <span class="token string double-quoted-string">"datetime"</span> <span class="token operator">=></span> <span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">DateTime</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$data</span> <span class="token operator">=</span> <span class="token function">json_encode</span><span class="token punctuation">(</span><span class="token variable">$data</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token function">file_put_contents</span><span class="token punctuation">(</span><span class="token variable">$file</span><span class="token punctuation">,</span> <span class="token variable">$data</span> <span class="token operator">.</span> <span class="token string double-quoted-string">"\n"</span><span class="token punctuation">,</span> <span class="token class-name">FILE_APPEND</span><span class="token operator">|</span><span class="token class-name">LOCK_EX</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$messages</span> <span class="token operator">=</span> <span class="token function">file</span><span class="token punctuation">(</span><span class="token variable">$file</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">foreach</span> <span class="token punctuation">(</span><span class="token variable">$messages</span> <span class="token keyword">as</span> <span class="token variable">$value</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token variable">$data</span> <span class="token operator">=</span> <span class="token function">json_decode</span><span class="token punctuation">(</span><span class="token variable">$value</span><span class="token punctuation">,</span> <span class="token constant boolean">true</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">echo</span> <span class="token string double-quoted-string">"<br>"</span>
<span class="token operator">.</span> <span class="token string double-quoted-string">"<b>From: </b>"</span> <span class="token operator">.</span> <span class="token function">htmlspecialchars</span><span class="token punctuation">(</span> <span class="token variable">$data</span><span class="token punctuation">[</span><span class="token string double-quoted-string">"name"</span><span class="token punctuation">]</span><span class="token punctuation">)</span>
<span class="token operator">.</span> <span class="token string double-quoted-string">"<b> at: </b>"</span> <span class="token operator">.</span> <span class="token function">htmlspecialchars</span><span class="token punctuation">(</span> <span class="token variable">$data</span><span class="token punctuation">[</span><span class="token string double-quoted-string">"datetime"</span><span class="token punctuation">]</span><span class="token punctuation">)</span>
<span class="token comment">#. "<br><br>" . htmlspecialchars( $data["email"]) </span>
<span class="token operator">.</span> <span class="token string double-quoted-string">"<br><br>"</span> <span class="token operator">.</span> <span class="token function">htmlspecialchars</span><span class="token punctuation">(</span> <span class="token variable">$data</span><span class="token punctuation">[</span><span class="token string double-quoted-string">"message"</span><span class="token punctuation">]</span><span class="token punctuation">)</span>
<span class="token operator">.</span> <span class="token string double-quoted-string">"<br><hr>"</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
<span class="token variable">$me</span> <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">ClassProveContakt3</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$me</span> <span class="token operator">-></span> <span class="token function">ShowForm</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$me</span> <span class="token operator">-></span> <span class="token function">PostOkT</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token delimiter important">?></span></span>
</code></pre>
<p><strong>Second:</strong></p>
<pre><code class="block language-php"><span class="token php language-php"><span class="token delimiter important"><?php</span>
<span class="token keyword">class</span> <span class="token class-name-definition class-name">NavigationLinkList</span> <span class="token punctuation">{</span>
<span class="token keyword">private</span> <span class="token variable">$current_page</span><span class="token punctuation">;</span>
<span class="token keyword">private</span> <span class="token variable">$arLinks</span><span class="token punctuation">;</span>
<span class="token keyword">public</span> <span class="token keyword">function</span> <span class="token function-definition function">__construct</span><span class="token punctuation">(</span> <span class="token variable">$arNewLinks</span> <span class="token operator">=</span> <span class="token constant boolean">false</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">arLinks</span> <span class="token operator">=</span> <span class="token punctuation">[</span><span class="token punctuation">]</span><span class="token punctuation">;</span>
<span class="token variable">$this</span> <span class="token operator">-></span> <span class="token function">addLinks</span> <span class="token punctuation">(</span> <span class="token variable">$arNewLinks</span> <span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">current_page</span> <span class="token operator">=</span> <span class="token variable">$_SERVER</span><span class="token punctuation">[</span><span class="token string single-quoted-string">'REQUEST_URI'</span><span class="token punctuation">]</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token keyword">public</span> <span class="token keyword">function</span> <span class="token function-definition function">addLinks</span> <span class="token punctuation">(</span> <span class="token variable">$arNewLinks</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token variable">$flagErrors</span> <span class="token operator">=</span> <span class="token constant boolean">false</span><span class="token punctuation">;</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span> <span class="token keyword">isset</span><span class="token punctuation">(</span> <span class="token variable">$arNewLinks</span><span class="token punctuation">[</span><span class="token string single-quoted-string">'URL'</span><span class="token punctuation">]</span> <span class="token punctuation">)</span> <span class="token operator">&&</span> <span class="token keyword">isset</span><span class="token punctuation">(</span> <span class="token variable">$arNewLinks</span><span class="token punctuation">[</span><span class="token string single-quoted-string">'TEXT'</span><span class="token punctuation">]</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span> <span class="token comment"># The array is built in this if ... </span>
<span class="token function">array_push</span><span class="token punctuation">(</span> <span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">arLinks</span><span class="token punctuation">,</span> <span class="token variable">$arNewLinks</span> <span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token keyword">return</span> <span class="token constant boolean">true</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span> <span class="token function">is_array</span> <span class="token punctuation">(</span> <span class="token variable">$arNewLinks</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">foreach</span> <span class="token punctuation">(</span> <span class="token variable">$arNewLinks</span> <span class="token keyword">as</span> <span class="token variable">$NewLink</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span> <span class="token keyword">isset</span><span class="token punctuation">(</span> <span class="token variable">$NewLink</span><span class="token punctuation">[</span><span class="token string single-quoted-string">'URL'</span><span class="token punctuation">]</span> <span class="token punctuation">)</span> <span class="token operator">&&</span> <span class="token keyword">isset</span><span class="token punctuation">(</span> <span class="token variable">$NewLink</span><span class="token punctuation">[</span><span class="token string single-quoted-string">'TEXT'</span><span class="token punctuation">]</span> <span class="token punctuation">)</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token function">array_push</span><span class="token punctuation">(</span> <span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">arLinks</span><span class="token punctuation">,</span> <span class="token variable">$NewLink</span> <span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span> <span class="token keyword">else</span> <span class="token punctuation">{</span>
<span class="token variable">$flagErrors</span> <span class="token operator">=</span> <span class="token constant boolean">true</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token keyword">return</span> <span class="token constant boolean">false</span> <span class="token operator">==</span> <span class="token variable">$flagErrors</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token keyword">public</span> <span class="token keyword">function</span> <span class="token function-definition function">printNav</span><span class="token punctuation">(</span><span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">echo</span> <span class="token string single-quoted-string">'
<form class="link_wechsel">
<ul>'</span> <span class="token operator">.</span> <span class="token constant">PHP_EOL</span><span class="token punctuation">;</span>
<span class="token keyword">foreach</span> <span class="token punctuation">(</span> <span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">arLinks</span> <span class="token keyword">as</span> <span class="token variable">$link</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token keyword">if</span> <span class="token punctuation">(</span> <span class="token variable">$this</span> <span class="token operator">-></span> <span class="token property">current_page</span> <span class="token operator">==</span> <span class="token variable">$link</span><span class="token punctuation">[</span><span class="token string single-quoted-string">'URL'</span><span class="token punctuation">]</span> <span class="token punctuation">)</span> <span class="token punctuation">{</span>
<span class="token variable">$aria</span> <span class="token operator">=</span> <span class="token string single-quoted-string">' aria-current="page"'</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span> <span class="token keyword">else</span> <span class="token punctuation">{</span>
<span class="token variable">$aria</span> <span class="token operator">=</span> <span class="token string single-quoted-string">''</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token keyword">echo</span> <span class="token string single-quoted-string">' <li><a'</span> <span class="token operator">.</span> <span class="token variable">$aria</span> <span class="token operator">.</span> <span class="token string single-quoted-string">' href='</span> <span class="token operator">.</span> <span class="token variable">$link</span><span class="token punctuation">[</span><span class="token string single-quoted-string">'URL'</span><span class="token punctuation">]</span> <span class="token operator">.</span><span class="token string single-quoted-string">'>'</span> <span class="token operator">.</span> <span class="token variable">$link</span><span class="token punctuation">[</span><span class="token string single-quoted-string">'TEXT'</span><span class="token punctuation">]</span> <span class="token operator">.</span> <span class="token string single-quoted-string">'</a></li>'</span> <span class="token operator">.</span> <span class="token constant">PHP_EOL</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token keyword">echo</span> <span class="token string single-quoted-string">'
</ul>
</form>'</span> <span class="token operator">.</span> <span class="token constant">PHP_EOL</span><span class="token punctuation">;</span>
<span class="token punctuation">}</span>
<span class="token punctuation">}</span>
<span class="token variable">$_SERVER</span><span class="token punctuation">[</span><span class="token string single-quoted-string">'REQUEST_URI'</span><span class="token punctuation">]</span><span class="token punctuation">;</span>
<span class="token variable">$navListe</span> <span class="token operator">=</span> <span class="token keyword">new</span> <span class="token class-name">NavigationLinkList</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$navListe</span> <span class="token operator">-></span> <span class="token function">addLinks</span><span class="token punctuation">(</span> <span class="token punctuation">[</span> <span class="token string single-quoted-string">'URL'</span> <span class="token operator">=></span> <span class="token string single-quoted-string">'/meine/windows.php'</span><span class="token punctuation">,</span> <span class="token string single-quoted-string">'TEXT'</span> <span class="token operator">=></span> <span class="token string single-quoted-string">'1'</span> <span class="token punctuation">]</span> <span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$navListe</span> <span class="token operator">-></span> <span class="token function">addLinks</span><span class="token punctuation">(</span> <span class="token punctuation">[</span> <span class="token string single-quoted-string">'URL'</span> <span class="token operator">=></span> <span class="token string single-quoted-string">'/meine/windows_2.php'</span><span class="token punctuation">,</span> <span class="token string single-quoted-string">'TEXT'</span> <span class="token operator">=></span> <span class="token string single-quoted-string">'2'</span> <span class="token punctuation">]</span> <span class="token punctuation">)</span><span class="token punctuation">;</span>
<span class="token variable">$navListe</span> <span class="token operator">-></span> <span class="token function">printNav</span><span class="token punctuation">(</span><span class="token punctuation">)</span><span class="token punctuation">;</span>
</span></code></pre>
<p>You could say that I got this code from you ☺️, what is your opinion??</p>
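<p>The <code>printNav()</code> method posted above writes <code>$link['URL']</code> and <code>$link['TEXT']</code> into the markup unescaped and leaves the <code>href</code> value unquoted. The following is an added example, not code from the thread, showing the same list rendered with output escaping and a URL scheme allowlist; the function names <code>renderNav()</code> and <code>isSafeNavUrl()</code> and the sample links are assumptions, and the arrow function needs PHP 7.4 or later.</p>

```php
<?php
declare(strict_types=1);

// Added example, not the poster's code. renderNav() and isSafeNavUrl() are
// hypothetical names; entries use the thread's ['URL' => ..., 'TEXT' => ...] shape.

function isSafeNavUrl(string $url): bool
{
    // Whitespace and control characters have no place in a link target.
    if (preg_match('/[\x00-\x20\x7f]/', $url) === 1) {
        return false;
    }
    // Site-relative paths such as "/meine/windows.php" are fine,
    // but "//host" and "/\host" would leave the site.
    if (preg_match('~^/(?![/\\\\])~', $url) === 1) {
        return true;
    }
    // Anything else must be an absolute http(s) URL (allowlist, so
    // javascript:, data: and unknown schemes are all rejected).
    $scheme = parse_url($url, PHP_URL_SCHEME);
    return is_string($scheme)
        && in_array(strtolower($scheme), ['http', 'https'], true);
}

function renderNav(array $links, string $currentPage): string
{
    // Escape for HTML text and for double-quoted attribute values.
    $esc = static fn (string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    $html = '<ul>' . PHP_EOL;
    foreach ($links as $link) {
        if (!is_array($link) || !is_string($link['URL'] ?? null)
            || !is_string($link['TEXT'] ?? null)) {
            continue; // incomplete or malformed entry
        }
        if (!isSafeNavUrl($link['URL'])) {
            continue; // target not on the allowlist
        }
        $aria = ($currentPage === $link['URL']) ? ' aria-current="page"' : '';
        $html .= '  <li><a' . $aria . ' href="' . $esc($link['URL']) . '">'
               . $esc($link['TEXT']) . '</a></li>' . PHP_EOL;
    }
    return $html . '</ul>' . PHP_EOL;
}

// Constructed sample input: a normal link, one containing markup
// characters, and one whose scheme must not end up in href.
$links = [
    ['URL' => '/meine/windows.php', 'TEXT' => '1'],
    ['URL' => '/meine/windows_2.php?a=1&b=2', 'TEXT' => '<b>2</b>'],
    ['URL' => 'javascript:void(0)', 'TEXT' => '3'],
];
// The request path is only compared, never written into the page.
$current = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH) ?: '/';
echo renderNav($links, $current);
```

<p>With the sample input the second entry is emitted as <code>href="/meine/windows_2.php?a=1&amp;amp;b=2"</code> with the text <code>&amp;lt;b&amp;gt;2&amp;lt;/b&amp;gt;</code>, and the third entry is dropped.</p>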
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740032#m1740032
beatovich
https://beat-stoecklin.ch/pub/musik-gitarrenunterricht-laufental.html
2019-01-05T10:39:17Z
2019-01-05T10:39:17Z
How can I protect my website against attacks
<p>hello</p>
<blockquote>
<p>Dear beatovich,</p>
</blockquote>
<blockquote>
<p>... but the links in your posting are not suited to answering the OP's question even remotely!</p>
</blockquote>
<p>I'm listening for the justification and am already getting the popcorn out.</p>
<div class="signature">-- <br>
<a href="https://beat-stoecklin.ch/pub/index.html" rel="nofollow noopener noreferrer">https://beat-stoecklin.ch/pub/index.html</a>
</div>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740176#m1740176
liebewinter
htmlkurss@web.de
2019-01-07T18:01:02Z
2019-01-07T18:01:02Z
How can I protect my website against attacks
<blockquote>
<p>Programming errors are mostly ones that allow uncontrolled writing (e.g. through uploads) on your server. You must avoid those!</p>
</blockquote>
<p>on <a href="http://htmlkurss.xyz/index.php" rel="nofollow noopener noreferrer">my</a> website (for now I only have it as a test...) nothing can be uploaded...</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740036#m1740036
Felix Riesterer
https://felix-riesterer.de
2019-01-05T11:38:42Z
2019-01-05T11:38:42Z
How can I protect my website against attacks
<p>Dear beatovich,</p>
<blockquote>
<p>I'm listening for the justification and am already getting the popcorn out.</p>
</blockquote>
<p>the page you linked contains no instructions or articles on how @liebewinter can write her code better. From the standpoint of her knowledge, the linked page is only a listing of projects that have all made secure software their banner cause, but not a single explainer article against XSS whatsoever.</p>
<p>Best regards,</p>
<p>Felix Riesterer.</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740042#m1740042
beatovich
https://beat-stoecklin.ch/pub/musik-gitarrenunterricht-laufental.html
2019-01-05T12:13:36Z
2019-01-05T12:13:36Z
How can I protect my website against attacks
<p>hello</p>
<blockquote>
<p>Dear beatovich,</p>
<blockquote>
<p>I'm listening for the justification and am already getting the popcorn out.</p>
</blockquote>
<p>the page you linked</p>
</blockquote>
<p>website</p>
<blockquote>
<p>... contains no instructions or articles,</p>
</blockquote>
<p><a href="https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet" rel="nofollow noopener noreferrer">https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet</a></p>
<p>The website is so extensive that you, too, could use the search function.</p>
<blockquote>
<p>on how @liebewinter can write her code better. From the standpoint of her knowledge, the linked page</p>
</blockquote>
<p>website</p>
<blockquote>
<p>is only a listing of projects that have all made secure software their banner cause, but not a single explainer article against XSS whatsoever.</p>
</blockquote>
<p>q.e.d.</p>
<div class="signature">-- <br>
<a href="https://beat-stoecklin.ch/pub/index.html" rel="nofollow noopener noreferrer">https://beat-stoecklin.ch/pub/index.html</a>
</div>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740043#m1740043
liebewinter
htmlkurss@web.de
2019-01-05T12:34:47Z
2019-01-05T12:45:38Z
How can I protect my website against attacks
<p><a href="/users/2153" class="mention registered-user" rel="noopener noreferrer">@beatovich</a> and <a href="/users/243" class="mention registered-user" rel="noopener noreferrer">@Felix Riesterer</a>, please don't argue.</p>
<p><a href="/users/2153" class="mention registered-user" rel="noopener noreferrer">@beatovich</a>, what Felix says is true: the links you gave me speak in general terms, but say nothing concrete about what I asked... I am very new to these things...</p>
<p>First I would like to learn how, for example, to build my URL. For example, if my website is http://htmlkurss.xyz/ and I have a file http://htmlkurss.xyz/windows.php, how can I make it secure, for example build it with <strong>parameter values</strong>, http://htmlkurss.xyz/**&ff23?**windows.php.</p>
<p>I searched the internet to learn about this, but found nothing..., which is why I asked here yesterday... Once I have learned this, I would like to check with <a href="https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project" rel="nofollow noopener noreferrer"> OWASP ZAP</a> how secure my website is…</p>
<p>I wish you both a nice weekend!</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740059#m1740059
liebewinter
htmlkurss@web.de
2019-01-05T20:06:39Z
2019-01-05T20:06:39Z
How can I protect my website against attacks
<p>Just a question…
is a URL with parameter values better, or one without?</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740061#m1740061
beatovich
https://beat-stoecklin.ch/pub/musik-gitarrenunterricht-laufental.html
2019-01-05T20:43:47Z
2019-01-05T20:43:47Z
How can I protect my website against attacks
<p>hello</p>
<blockquote>
<p>Just a question…
is a URL with parameter values better, or one without?</p>
</blockquote>
<p>Data that changes the state of the server should be transmitted via POST.</p>
<div class="signature">-- <br>
<a href="https://beat-stoecklin.ch/pub/index.html" rel="nofollow noopener noreferrer">https://beat-stoecklin.ch/pub/index.html</a>
</div>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740082#m1740082
liebewinter
htmlkurss@web.de
2019-01-06T13:32:48Z
2019-01-06T13:32:48Z
How can I protect my website against attacks
<p>as I understand it, with URL parameters or without, it makes no difference to the security of my website.....</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740084#m1740084
beatovich
https://beat-stoecklin.ch/pub/musik-gitarrenunterricht-laufental.html
2019-01-06T13:52:33Z
2019-01-06T13:52:33Z
How can I protect my website against attacks
<p>hello</p>
<blockquote>
<p>as I understand it, with URL parameters or without, it makes no difference to the security of my website.....</p>
</blockquote>
<p>Just be aware:
All data that is part of a URL</p>
<ul>
<li>can be sent to others as a link.</li>
<li>can be saved as a bookmark.</li>
<li>is stored by servers in log files.</li>
<li>is indexed by bots.</li>
</ul>
<p>For example, it used to be common, when cookies were disabled, to append session IDs to the URL as a query string, which makes session theft possible.</p>
<div class="signature">-- <br>
<a href="https://beat-stoecklin.ch/pub/index.html" rel="nofollow noopener noreferrer">https://beat-stoecklin.ch/pub/index.html</a>
</div>
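<p>The point about session IDs in the query string, as an added example that is not part of the original post: a PHP session setup that keeps the ID in a cookie only and redirects away from old links that still carry it. The <code>secure</code> flag assumes the site is served over HTTPS, the array form of <code>session_set_cookie_params()</code> assumes PHP 7.3 or later, and <code>onLoginSuccess()</code> is a hypothetical function name.</p>

```php
<?php
declare(strict_types=1);

// Added example. These settings must run before session_start().
ini_set('session.use_only_cookies', '1'); // ignore session IDs sent in the URL
ini_set('session.use_trans_sid', '0');    // never append ?PHPSESSID=... to links
ini_set('session.use_strict_mode', '1');  // reject IDs the server did not issue

session_set_cookie_params([
    'lifetime' => 0,      // cookie ends with the browser session
    'path'     => '/',
    'secure'   => true,   // assumption: the site is served over HTTPS
    'httponly' => true,   // not readable from JavaScript
    'samesite' => 'Lax',
]);

// An old bookmark or shared link may still carry the ID as a parameter.
// Drop it and redirect to the clean URL so it stops spreading through
// logs, bookmarks and forwarded links.
$name = session_name();
if (isset($_GET[$name])) {
    $params = $_GET;
    unset($params[$name]);
    $path = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH) ?: '/';
    $path = '/' . ltrim($path, '/\\'); // keep the redirect on this site
    $query = http_build_query($params);
    header('Location: ' . $path . ($query !== '' ? '?' . $query : ''), true, 302);
    exit;
}

session_start();

// Hypothetical hook: call once the credentials have been verified.
function onLoginSuccess(int $userId): void
{
    // Issue a fresh ID so one known before login is worthless afterwards.
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
}
```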
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740175#m1740175
liebewinter
htmlkurss@web.de
2019-01-07T17:56:09Z
2019-01-07T17:56:09Z
How can I protect my website against attacks
<p>...and how can I prevent that??</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740183#m1740183
Felix Riesterer
https://felix-riesterer.de
2019-01-07T22:32:44Z
2019-01-07T22:32:44Z
How can I protect my website against attacks
<p>Dear liebewinter,</p>
<blockquote>
<p>...and how can I prevent that??</p>
</blockquote>
<p>You cannot prevent something like that. You can only write your PHP script so that in such cases it still does exactly what it is supposed to do.</p>
<p>Best regards,</p>
<p>Felix Riesterer.</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740359#m1740359
pl
2019-01-10T08:39:17Z
2019-01-10T08:39:17Z
How can I protect my website against attacks
<blockquote>
<p>...and how can I prevent that??</p>
</blockquote>
<p>By looking at what effects such attacks have. You cannot prevent the attacks, but you can prevent the effects.</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740185#m1740185
Felix Riesterer
https://felix-riesterer.de
2019-01-07T22:34:40Z
2019-01-07T22:35:43Z
How can I protect my website against attacks
<p>Dear liebewinter,</p>
<blockquote>
<p>on <a href="http://htmlkurss.xyz/index.php" rel="nofollow noopener noreferrer">my</a> website (for now I only have it as a test...) nothing can be uploaded...</p>
</blockquote>
<p>but at <a href="http://htmlkurss.xyz/contact.php" rel="nofollow noopener noreferrer">contact.php</a> and <a href="http://htmlkurss.xyz/windows8.php" rel="nofollow noopener noreferrer">windows8.php</a> one can send data to the server for processing. How is this data processed? A security risk can arise here.</p>
<p>Best regards,</p>
<p>Felix Riesterer.</p>
https://forum.selfhtml.org/self/2019/jan/4/wie-kann-meine-website-schutz-gegen-angreifen/1740190#m1740190
liebewinter
htmlkurss@web.de
2019-01-07T23:40:33Z
2019-01-07T23:40:33Z
How can I protect my website against attacks
<p>and how do I do that?....</p>