logging_file_acces_via_php
no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | logging_file_acces_via_php [2016/07/14 07:02] (current) – created admin | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | =====logging acces to attacked files under apache via php===== | ||
+ | Lets say my server is scanned by scripts from time to time. I see popping up a 404 error un the logs for | ||
+ | |||
+ | / | ||
+ | |||
+ | which is not a file belonging to joomla and exists only on hacked joomla instances, so theres no reason to GET this file other than malicious ones. So I've placed a file there, which logs the connection attempts | ||
+ | |||
+ | Sure there are other ways like analyzing apachze logs, but i think this is more comfortable. | ||
+ | |||
+ | < | ||
+ | <?php | ||
+ | |||
+ | $line = date(' | ||
+ | file_put_contents(' | ||
+ | |||
+ | echo "thx for supplying your IP skiddie"; | ||
+ | |||
+ | ?> | ||
+ | |||
+ | touch visitors.log | ||
+ | chown www-data: | ||
+ | chmod og-r visitors.log | ||
+ | </ |
logging_file_acces_via_php.txt · Last modified: 2016/07/14 07:02 by admin