Telling between a "natural" HTTP 404 and a PHP Generated one
Posted
by
JCOC611
on Stack Overflow
See other posts from Stack Overflow
or by JCOC611
Published on 2011-01-06T17:56:18Z
Indexed on
2011/01/06
18:54 UTC
Read the original article
Hit count: 304
So I have a file that should never be accessed by a user directly, but included in another PHP file. If the file is called directly, it generates a HTTP Status 404 Not Found to trick a possible attacker that such file doesn't exist. However, if the hacker could tell that the 404 was generated by PHP or is not "natural" then the whole point of the header would be lost. So is it possible to tell whether the 404 was generated by the server naturally (because the file really doesn't exist) or by a PHP code?
PS: I know this question might seem pretty weird lol
© Stack Overflow or respective owner