roopurt18 Posted July 6, 2007 Share Posted July 6, 2007 I'm curious if anyone has used PHP's rename_function() to increase security for their site. Apache can be set to execute scripts before and after every request, so why not rename certain functions, such as mysql_query(), to company specific names that only the developers know. Then you could create a new mysql_query() function that logs user information. Does anyone else think that could help increase site security? Quote Link to comment Share on other sites More sharing options...
redbullmarky Posted July 6, 2007 Share Posted July 6, 2007 i'd be more worried about holes that allow running of scripts anyway, but i can appreciate that it does happen. Quote Link to comment Share on other sites More sharing options...
roopurt18 Posted July 6, 2007 Author Share Posted July 6, 2007 I completely agree; however, it's impossible to make a site completely secure. The best we can hope for is to make it difficult enough that only the most clever individuals can bypass security measures. The suggestion I started this topic with would really only be used in the more extreme situations, such as protecting bank or credit card information IMO. Quote Link to comment Share on other sites More sharing options...
448191 Posted July 9, 2007 Share Posted July 9, 2007 Most security issues are caused by input, these aren't circumvented by changing function names. The only scenario in which it may be useful is code injection, but I'm afraid renaming a few functions won't do you any good if an attacker can inject arbitrary code. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.