ala888

Hello, Ive been looking up info on this type of attack, but sadly have not found extensive documentation on it.Aside from using $_REQUEST superglobals in include files, are my php files vulnerable to being downloaded before being parsed by php-fpm alongside nginx? And how must I safeguard against such attacks.

tldr: how do I safeguard my php source code from being directly downloaded ?

>using nginx on VPS

lets say apache runs as "www" on my system

a malicious attacker somehow hijacks and gains control of apache, cant he then just modify apache.conf so that on reboot, apache runs as sudo ? - which will then execute any malicious scripts the attacker planted beforehand ?are there any restrictions on what type of user apache can be run as simply by modifying its conf file ?

server{listen 80;server_name www.example.com;root /var/www/html;#whats the point of thislocation / {...}}

Doesnt root already take care of the filing system? Why is this necessary?

Or is root just a reserved variable for use with php's superglobal $_SERVER

p.s. is fastcgi_index directive really necessary when

location ~.php$ already filters out non php stuff?

broadcast address and network id reserved 0, and 255

Its common knowledge that a host portion of an IP address cannot be 0 or 255,

but can a network Id be? yes, right?

but for the sake of learning, it will work, right?as long as I dont care about contacting google.com via my web servers

Well, since I will be running a small personal website and wont need to search for google from my web servers, there should be no conflict, am I right?the internal network can literally be anything, and it would be a trivial fact - since the NAT of the router would be translating everything anyways.

Like the title says, whats the point of private IP addresses?

Since my network is going to pass through a router en route to the internet, and get NAT translated anyways, cant I designate an arbitrary IP address block for my network?

Ex. 24.1.0.0/16 rather than something like 10.0.0.0 ?What are the ramifications of doing this?

I noticed that major content delivering sites that are required to host their own set of images/video files have a sub domain i.

before their respective web addresses?

what does it represent, and what does it tell us about how they are storing their files? I know both websites are hosted on amazon aws.

But I dont know what the "i" means, and I feel like its a key piece in figuring out their storage solutions

Is there a large difference between using different vc versions? say I am not sure which visual c++ I have, can I just pick the lowest supported one and forget the rest?

ie. php_imagick-3.1.2-5.6-ts-vc9-x64.zip

rather than

php_imagick-3.1.2-5.6-ts-vc11-x64.zip

is there one that is higher up in the lookup chain than the other? i.e. if they have conflicting settings regarding access, which one would win out?

is there any fundamental difference between these two approaches to limiting access?

which one is better?/safer ?

in php extension listings

what do the abbreviations:

nts

ts

vc

rc

what do they mean, and what do they entail. google search yields nothing due to the short length of the keywords.Also, I feel as if there are a plethora of such terms, is there like an extensive documentation of them somewhere?

deez esoteric terms

everything else will evaluate to true:

thanks, that made it alot more clear! I thought it explicitly had to be the keyword 'true'

So essentially, I can be like

mysqli_connect("localhost","root","password"); since generic db is optional parameter

and since I am the root user

I can just query multiple databases via schema, yes?

In php, I often see code such as

if($X = mysqli_query($CON,$SQL){//some code}does the assignment of $X actually return a true value or something?

whats the point of mysqli_select_db if I can just refine my queries via schemas ?

Instead of saying mysqli_select_db('somedb','someconnection');

//do my query stuff.

cant I just do ?

//do my query stuff on `somedb`.`sometable`

?

how come this does not work then

<html><body><div id = "TEST" style="width:100%;height:100%;"></div><script>var x = eval("function(){document.getElementById('TEST').style.background = 'red';}");x();</script></body></html>

Not all browsers have native JSON support so there will be times where you need to use eval() to the JSON string. Use JSON parser from http://json.org as that handles everything a lot easier for you.Eval() is an evil but against some browsers its a necessary evil but where you can avoid it, do so!!!!!

Does eval() hand me back a string of the evaluated function ? does it plop down pure java script as a return value ?

I dont fully grasp the concept of why I need to use eval("("+JSON+")"); and not just eval(JSON);

nvm, I solved it! I was missing some brackets

So I tried implementing ajax by using a lambda function - failing horribly.

Why can I not pass into the onreadystatechange property a callback function that behaves in a similar manner to that of one that is passed as an argument? Is this some sort of syntax of JS that I am not aware of ?

alert(function(){return "Hello!";});//worksXMLHttpRequestObject.onreadystatechange = function(){alert("hello";)};//does not work

so what are the holes then? when a row gets deleted, why is there a hole? If not self-increment - what on earth results in their creation ?

what are these 'holes/gaps' that the developers refer to? do they mean auto increment holes?