Sameer Borate's Blog:
Checking your site for malicious changes
August 09, 2011 @ 10:04:25

Sameer Borate, in the wake of having security issues with his site, has posted a hint you could use to help detect when something has changed in important files in your application by checking their hash.

Today a couple of hours back my site got compromised. Not much changes to the code, but the .htaccess was changed and some code [...] was added to the .htaccess file, which redirected the traffic coming from search engines to a malware site. It has now been removed and to prevent any such changes to the .htaccess file in the future, I've written a small php script that compares the hash (SHA1) of the two major files that usually get compromised and compares them to the one originally stored.

It's not a preventative measure by any means, but it can help you keep track of whether something has changed. Several issues have popped up in the major blogging engines that allow changes to be made directly to files. Such a change makes the file's SHA1 hash differ from the stored one, and that difference can be used to trigger a security alert. His sample code shows a basic call to mail an alert, but it could be as complex as you'd like (possibly even logging to a database or the like).
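A version of the check described above, as an added example (it is not Sameer Borate's script or code from the original post). The watched paths, the baseline location and the alert address are assumptions, and SHA-256 via `hash_file()` is used in place of the post's SHA1.

```php
<?php
// Added example: compare watched files against a stored hash baseline.
// All paths and the alert address below are assumptions for illustration.
const ALGO     = 'sha256';                            // swapped in for the post's SHA1
const BASELINE = '/var/lib/sitecheck/baseline.json';  // keep outside the web root
const WATCHED  = ['/var/www/html/.htaccess', '/var/www/html/index.php'];
const ALERT_TO = 'admin@example.com';

/** Hash each watched file; a missing or unreadable file maps to null. */
function snapshot(array $paths): array
{
    $out = [];
    foreach ($paths as $p) {
        $h = is_readable($p) ? hash_file(ALGO, $p) : false;
        $out[$p] = ($h === false) ? null : $h;
    }
    return $out;
}

/** Return human-readable findings; an empty list means nothing changed. */
function compare(array $baseline, array $current): array
{
    $findings = [];
    foreach ($current as $path => $hash) {
        if (!array_key_exists($path, $baseline)) {
            $findings[] = "$path: no baseline recorded";
        } elseif ($hash === null) {
            $findings[] = "$path: missing or unreadable";   // deletion is also a change
        } elseif (!is_string($baseline[$path]) || !hash_equals($baseline[$path], $hash)) {
            $findings[] = "$path: hash changed to $hash";
        }
    }
    return $findings;
}

if (PHP_SAPI === 'cli') {
    if (($argv[1] ?? '') === '--init') {              // record the known-good state
        file_put_contents(BASELINE, json_encode(snapshot(WATCHED), JSON_PRETTY_PRINT));
        exit(0);
    }
    $baseline = json_decode((string) @file_get_contents(BASELINE), true);
    $findings = is_array($baseline)
        ? compare($baseline, snapshot(WATCHED))
        : ['baseline missing or corrupt'];            // fail loudly, never silently pass
    if ($findings) {
        mail(ALERT_TO, 'File integrity alert', implode("\n", $findings));
        exit(1);
    }
}
```

Run it once with `--init` from a known-good state, then on a schedule such as cron. The baseline file should be owned by a different user than the web server runs as, otherwise whoever can rewrite `.htaccess` can also rewrite the stored hashes.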


All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework