\uc6cc\ub4dc\ud504\ub808\uc2a4\uc5d0\uc11c \ud2b9\uc815\ud55c SQL \uc778\uc81d\uc158 \uc2dc\ub3c4\uc640 \uac19\uc774 \uc704\ud5d8\ud55c \ud30c\ub77c\uba54\ud130\ub97c \ucc28\ub2e8\ud558\ub294 \ubc29\ubc95\uc5d0\ub294 \uc5ec\ub7ec \uac00\uc9c0\uac00 \uc788\uc2b5\ub2c8\ub2e4. \uc81c\uc2dc\ub41c \ud30c\ub77c\uba54\ud130\ub294 SQL \uc778\uc81d\uc158 \uacf5\uaca9\uc744 \uc2dc\ub3c4\ud558\ub294 \uac83\uc73c\ub85c \ubcf4\uc785\ub2c8\ub2e4. \uc774\ub97c \ubc29\uc9c0\ud558\uae30 \uc704\ud55c \uba87 \uac00\uc9c0 \ubc29\ubc95\uc744 \uc18c\uac1c\ud558\uaca0\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n
RewriteEngine On\nRewriteCond %{QUERY_STRING} (\\%27)|(\\')|(\\-\\-)|(\\%23)|(#)\nRewriteRule .* - [F]\n<\/pre><\/div>\n\n\n\n\uc774 \uaddc\uce59\uc740 \uc77c\ubc18\uc801\uc778 SQL \uc778\uc81d\uc158 \ud328\ud134\uc744 \ud3ec\ud568\ud55c \uc694\uccad\uc744 \ucc3e\uc544\ub0b4\uc11c \ucc28\ub2e8\ud569\ub2c8\ub2e4.<\/p>\n\n\n\n
\n- <\/li>\n<\/ol>\n\n\n\n
RewriteEngine On<\/h3>\n\n\n\n
\uc774 \ub77c\uc778\uc740 URL \uc7ac\uc791\uc131 \uc5d4\uc9c4\uc744 \ud65c\uc131\ud654\ud569\ub2c8\ub2e4. Apache \uc6f9 \uc11c\ubc84\ub294 .htaccess<\/code> \ud30c\uc77c\uc5d0\uc11c URL \uc7ac\uc791\uc131 \uaddc\uce59\uc744 \uc801\uc6a9\ud558\uae30 \uc704\ud574 RewriteEngine\uc744 \uc0ac\uc6a9\ud569\ub2c8\ub2e4. \uc774 \uc124\uc815\uc774 \ucf1c\uc838 \uc788\uc5b4\uc57c \ub098\uba38\uc9c0 \uc7ac\uc791\uc131 \uaddc\uce59\uc774 \uc791\ub3d9\ud569\ub2c8\ub2e4.<\/p>\n\n\n\nRewriteCond %{QUERY_STRING} (%27)|(‘)|(–)|(%23)|(#)<\/h3>\n\n\n\n
\uc774 \ub77c\uc778\uc740 \uc870\uac74\uc744 \uc124\uc815\ud558\ub294 \uac83\uc73c\ub85c, \ud2b9\uc815 \uc870\uac74\uc774 \ub9cc\uc871\ub420 \ub54c\ub9cc \uc544\ub798\uc758 RewriteRule\uc774 \uc801\uc6a9\ub429\ub2c8\ub2e4. \uc5ec\uae30\uc11c %{QUERY_STRING}<\/code>\uc740 \uc694\uccad\ub41c URL\uc758 \ucffc\ub9ac \ubb38\uc790\uc5f4\uc744 \ub098\ud0c0\ub0c5\ub2c8\ub2e4. \uad04\ud638 \uc548\uc758 \ud328\ud134\uc740 \ucc28\ub2e8\ud558\ub824\ub294 \ud2b9\uc815 \ubb38\uc790\uc5f4\uc744 \ud3ec\ud568\ud558\ub294\uc9c0 \ud655\uc778\ud569\ub2c8\ub2e4.<\/p>\n\n\n\n\n(\\%27)<\/code>: %27<\/code>\uc740 URL \uc778\ucf54\ub529\ub41c \uc544\ud3ec\uc2a4\ud2b8\ub85c\ud53c(\u2018)\uc785\ub2c8\ub2e4. \uc774\ub97c \ud3ec\ud568\ud558\ub294 \ucffc\ub9ac \ubb38\uc790\uc5f4\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4.<\/li>\n\n\n\n(\\')<\/code>: \uc9c1\uc811 \uc785\ub825\ub41c \uc544\ud3ec\uc2a4\ud2b8\ub85c\ud53c(\u2018)\ub97c \ud3ec\ud568\ud558\ub294 \ucffc\ub9ac \ubb38\uc790\uc5f4\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4.<\/li>\n\n\n\n(\\-\\-)<\/code>: SQL \uc8fc\uc11d \uc2dc\uc791 \ubb38\uc790\uc5f4 --<\/code>\ub97c \ud3ec\ud568\ud558\ub294 \ucffc\ub9ac \ubb38\uc790\uc5f4\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4.<\/li>\n\n\n\n(\\%23)<\/code>: %23<\/code>\uc740 URL \uc778\ucf54\ub529\ub41c \uc0f5(#) \uae30\ud638\uc785\ub2c8\ub2e4. \uc774\ub97c \ud3ec\ud568\ud558\ub294 \ucffc\ub9ac \ubb38\uc790\uc5f4\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4.<\/li>\n\n\n\n(#)<\/code>: \uc9c1\uc811 \uc785\ub825\ub41c \uc0f5(#) \uae30\ud638\ub97c \ud3ec\ud568\ud558\ub294 \ucffc\ub9ac \ubb38\uc790\uc5f4\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4.<\/li>\n<\/ul>\n\n\n\n\uc774 \ud328\ud134\ub4e4\uc740 SQL \uc778\uc81d\uc158 \uacf5\uaca9\uc5d0\uc11c \uc790\uc8fc \uc0ac\uc6a9\ub418\ub294 \ubb38\uc790\ub4e4\uc744 \ud3ec\ud568\ud558\uace0 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n
RewriteRule .* – [F]<\/h3>\n\n\n\n
\uc774 \ub77c\uc778\uc740 \uc870\uac74\uc774 \ub9cc\uc871\ub420 \ub54c \uc801\uc6a9\ub418\ub294 \uaddc\uce59\uc744 \uc815\uc758\ud569\ub2c8\ub2e4.<\/p>\n\n\n\n
\n.*<\/code>: \ubaa8\ub4e0 \uc694\uccad\uc744 \uc758\ubbf8\ud569\ub2c8\ub2e4.<\/li>\n\n\n\n-<\/code>: \uc7ac\uc791\uc131\ud560 URL\uc774 \uc5c6\uc74c\uc744 \ub098\ud0c0\ub0c5\ub2c8\ub2e4. \uc989, URL\uc744 \ubcc0\uacbd\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.<\/li>\n\n\n\n[F]<\/code>: Forbidden\uc744 \uc758\ubbf8\ud569\ub2c8\ub2e4. \uc870\uac74\uc774 \ub9cc\uc871\ub418\uba74 \uc11c\ubc84\ub294 403 Forbidden \uc0c1\ud0dc \ucf54\ub4dc\ub97c \ubc18\ud658\ud558\uace0 \uc694\uccad\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4.<\/li>\n<\/ul>\n\n\n\n\uc885\ud569 \uc124\uba85<\/h3>\n\n\n\n
\uc774 .htaccess<\/code> \uc124\uc815\uc740 \ub2e4\uc74c\uacfc \uac19\uc740 \uc694\uccad\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4:<\/p>\n\n\n\n\n- URL \ucffc\ub9ac \ubb38\uc790\uc5f4\uc5d0 URL \uc778\ucf54\ub529\ub41c \uc544\ud3ec\uc2a4\ud2b8\ub85c\ud53c(
%27<\/code>)\uac00 \ud3ec\ud568\ub41c \uacbd\uc6b0<\/li>\n\n\n\n- URL \ucffc\ub9ac \ubb38\uc790\uc5f4\uc5d0 \uc9c1\uc811 \uc785\ub825\ub41c \uc544\ud3ec\uc2a4\ud2b8\ub85c\ud53c(
'<\/code>)\uac00 \ud3ec\ud568\ub41c \uacbd\uc6b0<\/li>\n\n\n\n- URL \ucffc\ub9ac \ubb38\uc790\uc5f4\uc5d0 SQL \uc8fc\uc11d \uc2dc\uc791 \ubb38\uc790\uc5f4(
--<\/code>)\uc774 \ud3ec\ud568\ub41c \uacbd\uc6b0<\/li>\n\n\n\n- URL \ucffc\ub9ac \ubb38\uc790\uc5f4\uc5d0 URL \uc778\ucf54\ub529\ub41c \uc0f5 \uae30\ud638(
%23<\/code>)\uac00 \ud3ec\ud568\ub41c \uacbd\uc6b0<\/li>\n\n\n\n- URL \ucffc\ub9ac \ubb38\uc790\uc5f4\uc5d0 \uc9c1\uc811 \uc785\ub825\ub41c \uc0f5 \uae30\ud638(
#<\/code>)\uac00 \ud3ec\ud568\ub41c \uacbd\uc6b0<\/li>\n<\/ul>\n\n\n\n\uc774\ub97c \ud1b5\ud574 SQL \uc778\uc81d\uc158 \uacf5\uaca9\uc744 \uc2dc\ub3c4\ud558\ub294 \uc545\uc758\uc801\uc778 \uc694\uccad\uc744 \ucc28\ub2e8\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. .htaccess<\/code> \ud30c\uc77c\uc744 \uc218\uc815\ud55c \ud6c4, \uc6f9 \uc11c\ubc84\ub97c \ub2e4\uc2dc \uc2dc\uc791\ud558\uac70\ub098 \uad6c\uc131\uc744 \uc0c8\ub85c \uace0\uccd0\uc57c \ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc774\ub97c \ud1b5\ud574 \ubcc0\uacbd \uc0ac\ud56d\uc774 \uc801\uc6a9\ub429\ub2c8\ub2e4.<\/p>\n\n\n\nRewriteEngine on\nRewriteCond %{HTTP_REFERER} !^$\nRewriteCond %{HTTP_REFERER} !^https:\/\/www.auctionpro.co.kr [NC]\nRewriteCond %{HTTP_REFERER} !^http(s)?:\/\/(www.)?google.com [NC]\nRewriteRule .(jpg|jpeg|png|gif)$ \u2013 [NC,F,L]<\/pre><\/div>\n\n\n\n\uc704\uc758 .htaccess<\/code> \ud30c\uc77c \ub0b4\uc6a9\uc740 \ud2b9\uc815 \uc0ac\uc774\ud2b8\uc5d0\uc11c\ub9cc \uc774\ubbf8\uc9c0 \ud30c\uc77c\uc744 \ucc38\uc870\ud560 \uc218 \uc788\ub3c4\ub85d \uc81c\ud55c\ud558\ub294 \uc124\uc815\uc785\ub2c8\ub2e4. \uac01 \ub77c\uc778\uc758 \uc758\ubbf8\ub97c \uc790\uc138\ud788 \uc124\uba85\ud558\uaca0\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\nRewriteEngine on<\/h3>\n\n\n\n
\uc774 \ub77c\uc778\uc740 URL \uc7ac\uc791\uc131 \uc5d4\uc9c4\uc744 \ud65c\uc131\ud654\ud569\ub2c8\ub2e4. Apache \uc6f9 \uc11c\ubc84\ub294 .htaccess<\/code> \ud30c\uc77c\uc5d0\uc11c URL \uc7ac\uc791\uc131 \uaddc\uce59\uc744 \uc801\uc6a9\ud558\uae30 \uc704\ud574 RewriteEngine\uc744 \uc0ac\uc6a9\ud569\ub2c8\ub2e4. \uc774 \uc124\uc815\uc774 \ucf1c\uc838 \uc788\uc5b4\uc57c \ub098\uba38\uc9c0 \uc7ac\uc791\uc131 \uaddc\uce59\uc774 \uc791\ub3d9\ud569\ub2c8\ub2e4.<\/p>\n\n\n\nRewriteCond %{HTTP_REFERER} !^$<\/h3>\n\n\n\n
\uc774 \ub77c\uc778\uc740 HTTP_REFERER \ud5e4\ub354\uac00 \ube44\uc5b4 \uc788\uc9c0 \uc54a\uc744 \ub54c\ub9cc \uc870\uac74\uc744 \ub9cc\uc871\ud558\ub3c4\ub85d \ud569\ub2c8\ub2e4. HTTP_REFERER\ub294 \uc0ac\uc6a9\uc790\uac00 \uc774\uc804\uc5d0 \ubc29\ubb38\ud55c \ud398\uc774\uc9c0\uc758 URL\uc744 \ub098\ud0c0\ub0c5\ub2c8\ub2e4. !^$<\/code>\ub294 \ube48 \ubb38\uc790\uc5f4\uc774 \uc544\ub2cc \uacbd\uc6b0\ub97c \uc758\ubbf8\ud569\ub2c8\ub2e4.<\/p>\n\n\n\nRewriteCond %{HTTP_REFERER} !^https:\/\/www.auctionpro.co.kr<\/a> [NC]<\/h3>\n\n\n\n\uc774 \ub77c\uc778\uc740 HTTP_REFERER \ud5e4\ub354\uac00 https:\/\/www.auctionpro.co.kr<\/code>\ub85c \uc2dc\uc791\ud558\uc9c0 \uc54a\ub294 \uacbd\uc6b0 \uc870\uac74\uc744 \ub9cc\uc871\ud558\uac8c \ud569\ub2c8\ub2e4. [NC]<\/code>\ub294 \ub300\uc18c\ubb38\uc790\ub97c \uad6c\ubd84\ud558\uc9c0 \uc54a\ub3c4\ub85d \ud569\ub2c8\ub2e4 (No Case-sensitive).<\/p>\n\n\n\nRewriteCond %{HTTP_REFERER} !^http(s)?:\/\/(www.)?google.com<\/a> [NC]<\/h3>\n\n\n\n\uc774 \ub77c\uc778\uc740 HTTP_REFERER \ud5e4\ub354\uac00 http:\/\/www.google.com<\/code>, https:\/\/www.google.com<\/code>, http:\/\/google.com<\/code>, \ub610\ub294 https:\/\/google.com<\/code>\ub85c \uc2dc\uc791\ud558\uc9c0 \uc54a\ub294 \uacbd\uc6b0 \uc870\uac74\uc744 \ub9cc\uc871\ud558\uac8c \ud569\ub2c8\ub2e4. http(s)?<\/code>\ub294 http<\/code> \ub610\ub294 https<\/code>\ub97c \uc758\ubbf8\ud558\uba70, (www\\.)?<\/code>\ub294 www.<\/code>\uac00 \uc788\uc744 \uc218\ub3c4 \uc788\uace0 \uc5c6\uc744 \uc218\ub3c4 \uc788\uc74c\uc744 \uc758\ubbf8\ud569\ub2c8\ub2e4. [NC]<\/code>\ub294 \ub300\uc18c\ubb38\uc790\ub97c \uad6c\ubd84\ud558\uc9c0 \uc54a\ub3c4\ub85d \ud569\ub2c8\ub2e4.<\/p>\n\n\n\nRewriteRule .(jpg|jpeg|png|gif)$ \u2013 [NC,F,L]<\/h3>\n\n\n\n
\uc774 \ub77c\uc778\uc740 \uc870\uac74\uc774 \ub9cc\uc871\ub420 \ub54c \uc801\uc6a9\ub418\ub294 \uaddc\uce59\uc744 \uc815\uc758\ud569\ub2c8\ub2e4.<\/p>\n\n\n\n
\n\\.(jpg|jpeg|png|gif)$<\/code>: URL\uc774 .jpg<\/code>, .jpeg<\/code>, .png<\/code>, \ub610\ub294 .gif<\/code>\ub85c \ub05d\ub098\ub294 \uacbd\uc6b0\ub97c \uc758\ubbf8\ud569\ub2c8\ub2e4. \uc774\ub294 \uc774\ubbf8\uc9c0 \ud30c\uc77c\uc744 \ub300\uc0c1\uc73c\ub85c \ud569\ub2c8\ub2e4.<\/li>\n\n\n\n\u2013<\/code>: \uc7ac\uc791\uc131\ud560 URL\uc774 \uc5c6\uc74c\uc744 \ub098\ud0c0\ub0c5\ub2c8\ub2e4. \uc989, URL\uc744 \ubcc0\uacbd\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.<\/li>\n\n\n\n[NC]<\/code>: \ub300\uc18c\ubb38\uc790\ub97c \uad6c\ubd84\ud558\uc9c0 \uc54a\ub3c4\ub85d \ud569\ub2c8\ub2e4 (No Case-sensitive).<\/li>\n\n\n\n[F]<\/code>: Forbidden\uc744 \uc758\ubbf8\ud569\ub2c8\ub2e4. \uc870\uac74\uc774 \ub9cc\uc871\ub418\uba74 \uc11c\ubc84\ub294 403 Forbidden \uc0c1\ud0dc \ucf54\ub4dc\ub97c \ubc18\ud658\ud558\uace0 \uc694\uccad\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4.<\/li>\n\n\n\n[L]<\/code>: \uc774 \uaddc\uce59\uc774 \ub9c8\uc9c0\ub9c9 \uaddc\uce59\uc784\uc744 \ub098\ud0c0\ub0c5\ub2c8\ub2e4. \uc774 \uaddc\uce59\uc774 \uc801\uc6a9\ub418\uba74 \ub354 \uc774\uc0c1\uc758 \uc7ac\uc791\uc131 \uaddc\uce59\uc744 \uc801\uc6a9\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.<\/li>\n<\/ul>\n\n\n\n\uc885\ud569 \uc124\uba85<\/h3>\n\n\n\n
\uc774 .htaccess<\/code> \uc124\uc815\uc740 \uc774\ubbf8\uc9c0 \ud30c\uc77c (.jpg<\/code>, .jpeg<\/code>, .png<\/code>, .gif<\/code>)\uc5d0 \ub300\ud55c \uc694\uccad\uc744 \ucc28\ub2e8\ud569\ub2c8\ub2e4. \ub2e4\ub9cc, \ub2e4\uc74c \uc870\uac74\uc5d0 \ud574\ub2f9\ud558\ub294 \uacbd\uc6b0\ub294 \uc608\uc678\uc785\ub2c8\ub2e4:<\/p>\n\n\n\n\n- HTTP_REFERER \ud5e4\ub354\uac00 \ube44\uc5b4 \uc788\ub294 \uacbd\uc6b0 (\uc9c1\uc811 URL\uc744 \uc785\ub825\ud558\uac70\ub098 \ubd81\ub9c8\ud06c\uc5d0\uc11c \uc811\uadfc\ud558\ub294 \uacbd\uc6b0)<\/li>\n\n\n\n
- HTTP_REFERER \ud5e4\ub354\uac00
https:\/\/www.auctionpro.co.kr<\/code>\ub85c \uc2dc\uc791\ud558\ub294 \uacbd\uc6b0<\/li>\n\n\n\n- HTTP_REFERER \ud5e4\ub354\uac00
http(s):\/\/(www.)?google.com<\/code>\ub85c \uc2dc\uc791\ud558\ub294 \uacbd\uc6b0<\/li>\n<\/ul>\n\n\n\n\uc774\ub97c \ud1b5\ud574 \uc774\ubbf8\uc9c0 \ud30c\uc77c\uc774 \ud2b9\uc815 \uc0ac\uc774\ud2b8\uc5d0\uc11c\ub9cc \ucc38\uc870\ub420 \uc218 \uc788\ub3c4\ub85d \uc81c\ud55c\ud558\uc5ec \ubb34\ub2e8 \ub9c1\ud06c\ub97c \ubc29\uc9c0\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. .htaccess<\/code> \ud30c\uc77c\uc744 \uc218\uc815\ud55c \ud6c4, \uc6f9 \uc11c\ubc84\ub97c \ub2e4\uc2dc \uc2dc\uc791\ud558\uac70\ub098 \uad6c\uc131\uc744 \uc0c8\ub85c \uace0\uccd0\uc57c \ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc774\ub97c \ud1b5\ud574 \ubcc0\uacbd \uc0ac\ud56d\uc774 \uc801\uc6a9\ub429\ub2c8\ub2e4.<\/p>\n\n\n\n4o<\/p>\n\n\n\n
IIS \uc5d0\uc11c\ub3c4 \uc791\ub3d9\ud558\uac8c \ud558\ub294 \ubc29\ubc95ChatGPT<\/p>\n\n\n\n
IIS(Internet Information Services)\uc5d0\uc11c \uc704\uc640 \uac19\uc740 \ub9ac\ud37c\ub7ec \uae30\ubc18 \uc774\ubbf8\uc9c0 \ucc28\ub2e8 \uaddc\uce59\uc744 \uc124\uc815\ud558\ub824\uba74 URL Rewrite \ubaa8\ub4c8\uc744 \uc0ac\uc6a9\ud574\uc57c \ud569\ub2c8\ub2e4. \uc774 \ubaa8\ub4c8\uc744 \uc0ac\uc6a9\ud558\uba74 \uc6f9 \uc11c\ubc84\uc5d0 \ub300\ud55c URL \uc7ac\uc791\uc131 \uaddc\uce59\uc744 \uc124\uc815\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \ub2e4\uc74c\uc740 IIS\uc5d0\uc11c \uc720\uc0ac\ud55c \uae30\ub2a5\uc744 \uc124\uc815\ud558\ub294 \ubc29\ubc95\uc785\ub2c8\ub2e4.<\/p>\n\n\n\n
1. URL Rewrite \ubaa8\ub4c8 \uc124\uce58<\/h3>\n\n\n\n