Protection against php curl



  • Through javascript, I'm sending a number to server if there's any way that a person can send a request through curl. I mean, I want the number to be exactly what's generated by javascript! Any decisions?



  • Any data that creates, stores and sends the customer (in this case, the baruzer) may be sent to the server by Curl. Dynamic names of variables for data, csrf can be used, code insulation that sends and generates data, but there are no solutions that will guarantee 100 per cent of expected data from the client. Any insulation may be de-infected, any defence algorithm or encryption may be scattered.

    The methods used will work only if the time and level of knowledge of the perpetrator is comparable to the value of the data obtained or the damage caused by the shipment of data other than the expected.

    Try to rethink the task and do it on the server side, for example.




Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2