Linux服務器安全：Web接口防御策略。

from flask import Flask, request from flask_httpauth import HTTPBasicAuth from flask_otp import OTP  app = Flask(__name__) auth = HTTPBasicAuth()  users = {     "admin": "adminPassword" }  @auth.verify_password def verify_password(username, password):     if username in users and password == users[username]:         return username  @auth.get_user_roles def get_user_roles(username):     if username == "admin":         return "admin"  @app.route('/') @auth.login_required def home():     return "Welcome to the admin portal!"  @app.route('/otp', methods=["POST"]) @auth.login_required def generate_otp():     if auth.current_user() == "admin":         otp = OTP.generate()         return otp     else:         return "Access denied."  if __name__ == '__main__':     app.run()

<?php function validate_input($input) {     $pattern = "/^[a-zA-Z0-9]+$/";     if (preg_match($pattern, $input)) {         return true;     } else {         return false;     } }  $input = $_POST['input'];  if (validate_input($input)) {     // 執行安全的操作 } else {     // 輸出錯誤消息或拒絕請求 } ?>

from flask import Flask, request from flask_limiter import Limiter from flask_limiter.util import get_remote_address  app = Flask(__name__) limiter = Limiter(app, key_func=get_remote_address)  @app.route('/') @limiter.limit("10 per minute") def home():     return "Welcome to the website!"  if __name__ == '__main__':     app.run()