SMS firewall usage tutorial (SMS anti-bombing, SMS anti-theft brushing)

The security of the SMS service interface is a particular concern when developing or integrating an SMS interface. Some *** may, out of malicious competition or to bomb others with SMS, *** the SMS service interface and steal verification SMS messages, causing financial loss. So how do you prevent the SMS interface from being called maliciously? This article introduces how to use the SMS firewall.

➤ How to use risk control firewall

Step 1: Obtain the firewall account key

Enter the firewall console, select [Site Management] in the left navigation bar to enter the site administration page, and click [] to receive the key sent to your mailbox.

Step 2: Download the firewall server

Go to the firewall's official website, select [Solution] > [Download Center] in the top navigation bar to enter the download center page, find the SMS firewall server installation package, and click [download link] to download it.

Step 3: Front-end and back-end access to the business system

Web front-end access:

Java: add the following code at the appropriate position (in the tag) on the page to import the JS file:

<script type="text/javascript" src="/NxtJsServlet"></script>

PHP: add the following code at the appropriate position (in the tag) on the page to import the JS file:

<script id="finger" type="text/javascript" src="/nxt_inc/nxt_front.php"></script>

Back-end access:

Java

Modify the configuration (no change is needed when the firewall runs on the same system as the business system):

newxt.ini (storage location: "\src\resource")
modify parameters (fireWareUrl) --> http://localhost:7502 (local service path)
(isNginx) --> true (with or without reverse proxy)

  • SMS delivery
public RetMsg smsSend(HttpServletRequest request, HttpServletResponse response, String clientMobile) {
    RetMsg retMsg = new RetMsg(-1, "系统异常");
    FwClient fwClient = new FwClientImpl();
    try {
        // 1. Send the SMS-send request to the [SMS firewall]
        HashMap<String, Object> paramMap = fwClient.getSendReq(request, clientMobile);
        String jsonReq = fwClient.execReq(paramMap);
        String smsSendRet = fwClient.getRetVaule(jsonReq, "riskResult");
        if ("REJECT".equals(smsSendRet)) {
            // The firewall rejected the request: do not send the SMS
            retMsg.setRet(3);
            retMsg.setMsg("请求过于频繁");
        }
        else {
            // Business logic TODO
            // Business call to the SMS interface TODO
            RetMsg smsRetMsg = null; // TODO: assign the result returned by the SMS interface call
            // End of the SMS interface call
            if (smsRetMsg != null && smsRetMsg.getRet() == 0) {
                // 2. Report the successful result to the [SMS firewall]
                fwClient.execSucc(paramMap);
                logger.debug("send succ");
                retMsg.setRet(0);
                retMsg.setMsg("发送验证码成功");
            }
            else {
                // 2. Report the failed result to the [SMS firewall]
                SmsVerifyCache.getInstance().remove(clientMobile);
                fwClient.execFail(paramMap);
                retMsg.setRet(-1);
                retMsg.setMsg("发送验证码失败");
            }
        }
    }
    catch (Exception e) {
        // On any error the default "system error" result (-1) is returned
        for (StackTraceElement element : e.getStackTrace()) {
            logger.error(element.toString());
        }
    }
    return retMsg;
}
  • SMS verification
public RetMsg smsVerify(HttpServletRequest request, HttpServletResponse response, String clientMobile, String smsVerifyCode) {
    FwClient fwClient = new FwClientImpl();
    RetMsg retMsg = new RetMsg(-1, "系统异常");
    if (smsVerifyCode == null || smsVerifyCode.isEmpty()) {
        retMsg.setRet(1);
        retMsg.setMsg("输入验证码为空");
    }
    else {
        // 1. Send the verification request to the [SMS firewall]
        HashMap<String, Object> paramMap = fwClient.getVerifyReq(request, clientMobile); // request the firewall
        String jsonReq = fwClient.execReq(paramMap);
        // Process the response message
        String smsSendRet = fwClient.getRetVaule(jsonReq, "riskResult");
        if ("REJECT".equals(smsSendRet)) {
            // Stop here so the rejection is not overwritten by the code check below
            retMsg.setRet(3);
            retMsg.setMsg("请求过于频繁");
            return retMsg;
        }
        // Business logic TODO: load cacheSmsVerify, the cached verification entry for clientMobile
        if (cacheSmsVerify != null && cacheSmsVerify.getVerifyCode() != null && !cacheSmsVerify.getVerifyCode().isEmpty()) {
            if (cacheSmsVerify.getVerifyCode().equals(smsVerifyCode)) {
                retMsg.setRet(0);
                retMsg.setMsg("验证成功");
            }
            else {
                retMsg.setRet(1);
                retMsg.setMsg("验证码错误");
            }
        }
        else {
            retMsg.setRet(-9);
            retMsg.setMsg("验证码超时");
        }
        if (retMsg.getRet() == 0) {
            // 2. Report the successful result to the [SMS firewall]
            fwClient.execSucc(paramMap);
        }
        else {
            // 2. Report the failed result to the [SMS firewall]
            fwClient.execFail(paramMap);
        }
    }
    return retMsg;
}

PHP

Modify the configuration file (no change is needed when the firewall runs on the same system as the business system):

nxt_ini.php (storage location: "\nxt_inc")
modify parameter ($GLOBALS["fireWareUrl"]) --> $GLOBALS["fireWareUrl"]="http://localhost:7502"

  • SMS delivery
require_once $_SERVER['DOCUMENT_ROOT'] . "/nxt_inc/nxt_client.php";
/**
 * Send an SMS
 * @param $mobile
 */
public function send(string $mobile) {
    $fwClient = new ClientApi();
    // Build the SMS-send request message
    $paramMap = $fwClient->getSendReq($mobile);
    // Execute the SMS-send request against the firewall
    $jsonReq = $fwClient->execReq($paramMap);
    $fwRet = $fwClient->getRetVaule($jsonReq, "riskResult");
    if ("REJECT" != $fwRet) {
        // SMS sending business logic TODO
        $sendOk = false; // send-success flag, TODO: set from the result of the SMS send
        if ($sendOk) {
            // SMS sent successfully
            $fwClient->execSucc($paramMap);
        }
        else {
            // SMS sending failed
            $fwClient->execFail($paramMap);
        }
    }
}
  • SMS verification
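/**
 * Verify an SMS code
 * @param $mobile
 */
public function smsVerify(string $mobile) {
    $fwClient = new ClientApi();
    // Build the SMS-verification request message
    $paramMap = $fwClient->getVerifyReq($mobile);
    // Execute the SMS-verification request against the firewall
    $jsonReq = $fwClient->execReq($paramMap);
    $fwRet = $fwClient->getRetVaule($jsonReq, "riskResult");
    if ("REJECT" != $fwRet) {
        // SMS verification business logic TODO
        $verifyOk = false; // verification-success flag, TODO: set from the result of the code check
        if ($verifyOk) {
            // SMS verification succeeded
            $fwClient->execSucc($paramMap);
        }
        else {
            // SMS verification failed
            $fwClient->execFail($paramMap);
        }
    }
}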
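
The verification flow from the Java and PHP handlers above, reduced to a self-contained program in which a REJECT result ends the request before the cached code is compared. This is an added example, not the vendor's code: StubFirewall, its per-mobile limit, the "PASS" value, the in-memory codeCache, the one-time use of a code and the constant-time comparison are assumptions made for illustration; only "REJECT" and the return codes 0, 1, 3 and -9 come from the page.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

// Added example: every class and field here is a hypothetical stand-in, not the vendor SDK.
public class SmsGateDemo {
    /** Stand-in for the firewall decision: REJECT after `limit` requests per mobile. */
    static class StubFirewall {
        private final Map<String, Integer> seen = new HashMap<>();
        private final int limit;
        StubFirewall(int limit) { this.limit = limit; }
        String riskResult(String mobile) {
            int n = seen.merge(mobile, 1, Integer::sum);
            return n > limit ? "REJECT" : "PASS"; // "PASS" is a made-up non-REJECT value
        }
    }

    static final Map<String, String> codeCache = new HashMap<>(); // mobile -> issued code

    /** Returns 0 verified, 1 empty or wrong code, 3 rejected by firewall, -9 no cached code. */
    static int verify(StubFirewall fw, String mobile, String submitted) {
        if (submitted == null || submitted.isEmpty()) return 1;
        if ("REJECT".equals(fw.riskResult(mobile))) {
            return 3; // stop here: the cached code is never compared
        }
        String expected = codeCache.get(mobile);
        if (expected == null) return -9;
        // Constant-time comparison, so timing does not reveal how much of the code matched
        boolean ok = MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                submitted.getBytes(StandardCharsets.UTF_8));
        if (ok) codeCache.remove(mobile); // a code can be used only once
        return ok ? 0 : 1;
    }

    public static void main(String[] args) {
        StubFirewall fw = new StubFirewall(3);
        codeCache.put("13800000000", "492817"); // constructed sample data
        // The first three requests reach the comparison; the fourth is
        // rejected by the gate even though it carries the correct code.
        for (String guess : new String[] {"000000", "000001", "000002", "492817"}) {
            System.out.println(guess + " -> " + verify(fw, "13800000000", guess));
        }
    }
}
```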

Step 4: Real-time monitoring

Defense and interception data is shown in a panoramic view, and the current day's data details and recent risk trends can be viewed in real time. Through the risk control data dashboard, you can view the verification status for 1-30 days, the risk control interception status, and the AI model triggered by the verification event.

Enter the firewall console and select [Risk Market] in the left navigation bar to enter the risk market page.

The above is the whole process of using SMS firewall. For more information, please follow the firewall's official website: www.newxtc.com

Origin blog.51cto.com/14284202/2642252