From 47f9ae1575d029b345cda75721f9e3fe063f2872 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?=
Date: Mon, 9 Jun 2025 01:42:19 +0200
Subject: [PATCH] Continued:
- detect/block XDEBUG_*
- eval-stdin.php is from PHPUnit (which for various reasons should NOT be installed on productive servers)
- added `=phpinfo` varriant
---
 libs/lib_detector.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/libs/lib_detector.php b/libs/lib_detector.php
index 92ffbbd..c4dcf10 100644
--- a/libs/lib_detector.php
+++ b/libs/lib_detector.php
@@ -57,6 +57,9 @@ function initCrackerTrackerArrays () {
 'HTTP_USER_AGENT', 'HTTP_HOST', 'HTTP_PHP', '_SESSION', 'CFG_ROOT', 'DOCUMENT_ROOT', '_SERVER',
+ // Don't run XDEBUG on production servers
+ 'XDEBUG_',
+ // Sensitive files
 '/environ', 'etc/shadow', 'etc/gshadow', 'etc/passwd', 'etc/group', 'etc/./shadow', 'etc/./gshadow', 'etc/./passwd', 'etc/./group',
@@ -106,10 +109,13 @@ function initCrackerTrackerArrays () {
 'open_basedir', 'suhosin', 'cgi.force_redirect', 'cgi.redirect_status_env',
 // PHP commands/scripts
- 'fopen', 'fwrite', 'phpinfo()', '\', 'base64_decode', 'file_put_contents',
+ 'fopen', 'fwrite', 'phpinfo()', '=phpinfo', '\', 'base64_decode', 'file_put_contents',
 'set_magic_quotes_runtime', 'set_magic_quotes_runtime', 'display_errors', 'passthru', 'call_user_func', 'set_time_limit', 'urldecode',
+ // PHPUnit is strictly console!
+ 'eval-stdin.php',
+ // php.ini variables
 'disable_functions', 'safe_mode', 'allow_url_include', 'auto_prepend_file',
-- 
2.39.5
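Review bot: The new `'XDEBUG_'` entry is spelled in upper case only, so whether it also covers a lower-cased `xdebug_session` depends on how the list built by initCrackerTrackerArrays is compared against the request, which this hunk does not show; if that comparison is case-sensitive, either add the lower-case form next to it or make the check case-insensitive where the list is consumed. The comment above the entry states advice rather than what is matched — `// Xdebug trigger names (XDEBUG_SESSION, XDEBUG_TRIGGER, ...); not expected on a production host` tells the next reader what the prefix is for. initCrackerTrackerArrays and its array literal continue outside the hunk.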
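Review bot: The rewritten line carries `'\'` over as an element, and as printed that is not a complete PHP single-quoted literal — inside single quotes `\'` escapes the closing quote, so the literal would run on to the next quote and flip the quoting of every element after it; if the file really reads `'\\'` this is only a rendering artefact of the page, otherwise it should be corrected in the same line that inserts `'=phpinfo'`. The `// PHPUnit is strictly console!` comment above `'eval-stdin.php'` would help more by naming what is caught: `// PHPUnit's Util/PHP/eval-stdin.php — dev-only tooling that must never be reachable under a web root`. The array and initCrackerTrackerArrays continue outside the hunk.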