PHP网站安全告警 8.9.5 更新
2025-2-12 更新1.采用LRU算法匹配,性能提升3-7倍,基准测试机器为阿里云4核心4G的机器 PHP7.4 10个线程。wordpress 项目测试基准为10.68毫秒优化至1.68毫秒。thinkphp5.0.24 项目基准测试7.88毫秒优化至0.84毫秒(指的是模块执行耗时)
2.增加文件包含漏洞拦截
3.修复跨站读取文件判 断逻辑存在的问题
1、性能提升3-7 倍
wordpress 首页基准测试 总共70个hook点。总耗时如下。
时间类型为微秒 1秒=1000毫秒 1毫秒=1000微秒 相当于1秒=1000*1000 微秒
测试如下:总耗时为10869 微秒 = 10.8毫秒
time:966
time:95
time:135
time:133
time:298
time:191
time:120
time:174
time:113
time:168
time:85
time:90
time:85
time:90
time:102
time:127
time:89
time:141
time:107
time:209
time:219
time:179
time:230
time:182
time:188
time:132
time:136
time:130
time:236
time:219
time:118
time:187
time:125
time:194
time:129
time:96
time:144
time:113
time:106
time:91
time:119
time:116
time:120
time:218
time:128
time:219
time:197
time:156
time:123
time:125
time:146
time:175
time:159
time:156
time:150
time:179
time:176
time:160
time:136
time:127
time:91
time:116
time:85
time:126
time:86
time:85
time:108
time:112
time:142
time:161通过LRU加速如下总耗时为 1698 微秒 =1.69毫秒。
time:47
time:18
time:15
time:28
time:27
time:28
time:25
time:27
time:32
time:29
time:19
time:16
time:16
time:15
time:39
time:23
time:21
time:15
time:19
time:20
time:18
time:15
time:13
time:12
time:11
time:10
time:11
time:10
time:34
time:25
time:22
time:24
time:20
time:21
time:32
time:21
time:31
time:22
time:20
time:21
time:31
time:20
time:27
time:29
time:40
time:121
time:31
time:18
time:8
time:9
time:8
time:8
time:6
time:7
time:7
time:8
time:7
time:7
time:6
time:7
time:6
time:7
time:6
time:7
time:7
time:8
time:7
time:7
time:15
time:351
2.增加文件包含漏洞拦截
测试用例
这里使用的openrasp 的测试用例
已经兼容PHP8.4
页:
[1]