RFI Vulnerability: Arises and Defence

RFI is a type of attack which attacker tried to execute PHP commands. I have explained both Remote Command and Code execution in previous post. Read here

The bellow code is an example of RFI enabled PHP page.

<?php echo '<h><b><i>_TERMINAL_CODERS_</i></b></h>'; $file =$_GET['page']; include($file); ?>

Save this as page.php and open the URL,

http://localhost/path/to/page.php?page=http://www.terminalcoders.blogspot.in

you can see the http://www.terminalcoders.blogspot.in opened in your browser on localhost.

Some Protection methods

To protect from RFI with simple way edit the php.ini file. Open php.ini in editor. Find allow_url_fopen and allow_url_include and change from on to off . It will resist the page from inclusion of remte page...

Edit php.ini and change from on to off register_globals, and use E_STRICT to find uninitialized variables.

Next is editing of .htaccess in apache server. Copy the bellow code and add this to .htaccess

RewriteEngine On RewriteBase / RewriteCond %{QUERY_STRING} ^.*=(ht)|(f)+(tp)+(://|s://)+.*(\?\?)+ RewriteRule .* http://www.terminalcoders.blogspot.in [R,L]

It will redirect the malicious query  included request to the http://www.terminalcoders.blogspot.in