Bad Browser Protection is a part of website security. A part of hackers are using browser injection method for break security of a website. So we need to ensure strong security against bad browsers. In this article, we are going to learn about how to protect a bad browser and make more secure a website.
How A Hacker Inject Via Browser?
If you have a community website and you provides all information of a user like a user browser, user IP, and other information when they log in and go to their profile. A hacker will take this path and they can change their browser information and can set browsers information as they like. If you not secured to save browser then they can easily inject on your website and can get to take full access of your website.
How to protect bad browser?
For protecting invalid browser we can create a function using PHP. By using this PHP function we can easily detect and protect bad browsers. Let's create this function. Make a function name as BrowserProtect() and write down some codes,
<?php
function BrowserProtect()
{
$user_agent = $_SERVER['HTTP_USER_AGENT'];
if(preg_match('/(union|select|curl|copy|system|exec|benchmark|schema|password|pass|delete|co518|php|wget|insert|itskool|h4ck|hack|etc/pass|phpinfo|wget|curl|cmd|system|exec|union|order|copy)/i',strtolower($user_agent)))
{
echo 'Invalid Browser Detected!<br/> Please Back With a good browser!';
exit;
}
?>Now call this function every page where you want to make secured. You can add this code into your functions file and can call it. Let's see how to do that.
Create a file name as browserProtect.php in write down this function into browserProtect.php file and add this file into everypage. you can add this using include(); function.
if you create this function and add this function then you should know that, how this function works. By using $_SERVER['HTTP_USER_AGENT'] script find user browser and detect it and in this function we use some words by which hacker can inject. By using preg_match() function will find bad words from user browser. If it would find any injectable word or text in the browser then it will print Invalid Browser Detected! Please Back With a good browser!
Suppose you want to protect your index.php file then write down code like this,
index.php
Create a file name as browserProtect.php in write down this function into browserProtect.php file and add this file into everypage. you can add this using include(); function.
How this function works?
if you create this function and add this function then you should know that, how this function works. By using $_SERVER['HTTP_USER_AGENT'] script find user browser and detect it and in this function we use some words by which hacker can inject. By using preg_match() function will find bad words from user browser. If it would find any injectable word or text in the browser then it will print Invalid Browser Detected! Please Back With a good browser!
Who to use this function?
Suppose you want to protect your index.php file then write down code like this,
index.php
<?php
header("Content-type: text/html; charset=UTF-8");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
function BrowserProtect()
{
$user_agent = $_SERVER['HTTP_USER_AGENT'];
if(preg_match('/(union|select|curl|copy|system|exec|benchmark|schema|password|pass|delete|co518|php|wget|insert|itskool|h4ck|hack|etc/pass|phpinfo|wget|curl|cmd|system|exec|union|order|copy)/i',strtolower($user_agent)))
{
echo 'Invalid Browser Detected!<br/> Please Back With a good browser!';
exit;
}
// Put index.php code here
?>
Don't Miss: Dynamic Multi-Color Menu
If you are an ideal developer you should take a step against bad browsers and make website safe. Now start Bad Browser Protection and be safer.
If you have any question or comment about this Bad Browser Protection article please don't hesitate to do that, please comment your question in comment section.
