Quote:
Originally Posted by Nookster
Uhm, not quite. There's generators, but not full-blown firewalls. Point some out if you think I'm wrong. And by the way, a firewall coded in PHP is vulnerable to everything PHP is. I would have coded one in C if you wanted to get the job done right.  |
I think firewall is more of a marketing term, it's supposed to be blanket protection for php scripts, etc.. but either way your right, it's still vulnerable to everything php is (as far as actual php exploits, not saying it's coded poorly and allows mysql injection, etc..). And also, if it's written in php, unless they've found some crazy voodoo shit, this code is being executed ontop of the script already being executed for anything it's protected, which could be an issue on high traffic sites (wish we could get an answer on overhead).
Either way, i agree, if you wanted to do this right, you should of wrote an apache module / php extension or something w/ a compiled language, this isn't something i feel should be scripted.