User Tools

Site Tools



This shows you the differences between two versions of the page.

Link to this comparison view

logging_file_acces_via_php [2016/07/14 09:02] (current)
admin created
Line 1: Line 1:
 +=====logging acces to attacked files under apache via php=====
 +Lets say my server is scanned by scripts from time to time. I see popping up a 404 error un the logs for
 +which is not a file belonging to joomla and exists only on hacked joomla instances, so theres no reason to GET this file other than malicious ones. So I've placed a file there, which logs the connection attempts
 +Sure there are other ways like analyzing apachze logs, but i think this is more comfortable.
 +$line = date('Y-m-d H:i:s') . " - $_SERVER[REMOTE_ADDR] - $_SERVER[REQUEST_URI] - $_SERVER[HTTP_USER_AGENT]";
 +file_put_contents('visitors.log', $line . PHP_EOL, FILE_APPEND);
 +echo "thx for supplying your IP skiddie";
 +touch visitors.log
 +chown www-data:www-data visitors.log
 +chmod og-r visitors.log
logging_file_acces_via_php.txt ยท Last modified: 2016/07/14 09:02 by admin