logging_file_acces_via_php
no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
| — | logging_file_acces_via_php [2016/07/14 07:02] (current) – created admin | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | =====logging acces to attacked files under apache via php===== | ||
| + | Lets say my server is scanned by scripts from time to time. I see popping up a 404 error un the logs for | ||
| + | |||
| + | / | ||
| + | |||
| + | which is not a file belonging to joomla and exists only on hacked joomla instances, so theres no reason to GET this file other than malicious ones. So I've placed a file there, which logs the connection attempts | ||
| + | |||
| + | Sure there are other ways like analyzing apachze logs, but i think this is more comfortable. | ||
| + | |||
| + | < | ||
| + | <?php | ||
| + | |||
| + | $line = date(' | ||
| + | file_put_contents(' | ||
| + | |||
| + | echo "thx for supplying your IP skiddie"; | ||
| + | |||
| + | ?> | ||
| + | |||
| + | touch visitors.log | ||
| + | chown www-data: | ||
| + | chmod og-r visitors.log | ||
| + | </ | ||
logging_file_acces_via_php.txt · Last modified: by admin