laravel - 如何解决 Facade\Ignition\Http\Middleware\IgnitionEnabled?
问题描述
----------------------------------------------------------------------------------+
| Domain | Method | URI | Name | Action | Middleware
|
+--------+----------+----------------------------+------------------+------------------------------------------------------------------------+--------------------------------------------------
----------------------------------------------------------------------------------+
| | GET|HEAD | / | | Closure | web
|
| | POST | _ignition/execute-solution | | Facade\Ignition\Http\Controllers\ExecuteSolutionController | Facade\Ignition\Http\Middleware\IgnitionEnabled,F
acade\Ignition\Http\Middleware\IgnitionConfigValueEnabled:enableRunnableSolutions |
| | GET|HEAD | _ignition/health-check | | Facade\Ignition\Http\Controllers\HealthCheckController | Facade\Ignition\Http\Middleware\IgnitionEnabled
|
| | GET|HEAD | _ignition/scripts/{script} | | Facade\Ignition\Http\Controllers\ScriptController | Facade\Ignition\Http\Middleware\IgnitionEnabled
|
| | POST | _ignition/share-report | | Facade\Ignition\Http\Controllers\ShareReportController | Facade\Ignition\Http\Middleware\IgnitionEnabled,F
acade\Ignition\Http\Middleware\IgnitionConfigValueEnabled:enableShareButton |
| | GET|HEAD | _ignition/styles/{style} | | Facade\Ignition\Http\Controllers\StyleController | Facade\Ignition\Http\Middleware\IgnitionEnabled
解决方案
如果您的生产服务器中有大量随机攻击者发出的POST
请求/_ignition/execute-solution
,并且您注意到该请求调用了以下控制器和中间件:
Controller Facade\Ignition\Http\Controllers\ExecuteSolutionController
Middleware Facade\Ignition\Http\Middleware\IgnitionEnabled, Facade\Ignition\Http\Middleware\IgnitionConfigValueEnabled:enableRunnableSolutions
您必须在文件中设置APP_DEBUG
为而不是删除包。false
.env
Facade/Ignition
推荐阅读
- java - Hash Map 通过单独的链接(int 键,LinkedList 值)实现链表,对吗?
- asp.net - 如何使用 View 中的下拉列表将数据从 ViewModel 插入数据库
- javascript - 使用 vanilla JavaScript 在浏览器控制台中记录错误和警告
- mysql - 将条件与 AND 和 OR 组合时的意外结果
- python - 输入空字符串后如何附加字典
- node.js - 从共享主机连接到 mongodb Atlas 时出错
- python - pygame 将图像的透明部分变为白色
- https - 为什么 Traefik 2.0 没有检测到我指定的默认静态证书,而是自己生成一个?
- angular - 使用 Angular HttpInterceptor 时,RxJS BehaviorSubject 没有正确更新
- c++ - 如何解决:“捆绑格式无法识别、无效或不合适”