WebServer Sicherheit – Änderungen im web-Verzeichnis überwachen

Letztens ging es in der Blogger Gemeinde ja ziemlich zur Sache. WordPress hatte auf verschiedenen Hosted Servern einige Probleme, dass ein Script eingespielt wurde, welches dem Client ein MalWare auslieferte…

Neben den vielen Sicherheitseinstellungen, die man in WordPress doch tätigen sollte, hier noch ein ergänzendes Script, welches das komplette Web-Verzeichnis nach geänderten Dateien in den letzten 30 min prüft. So kann man recht schnell erkennen und reagieren, falls jemand ungewollt über eine Sicherheitslücke Schadcode in einer Datei ablegt.

< ?php
 * Dieses Skript prüft in einem bestimmten Pfad 
 * die enthaltenen Dateien auf Änderungen
 * @author 	Twitch  <tg@webolutions.de>
 * @link 		www.webolutions.de	
// Prüfe folgenden Pfad auf Veränderungen
// Hier können auch Pfade ausgeschlossen werden
exec('find /var/www/html/web/ -name error_log -prune -o -path 
'/var/www/html/web/shop/logs' -prune -o -type f -cmin -32 
-print | xargs -r ls -larth ', $last_changed);
// Wenn etwas gefunden wurde, dann schnell per E-Mail reporten
if ( count ( $last_changed ) > 0 ) {
    // E-mail Einstellungen
    $sendto = "E-mail receiver <mail @domain.de>";
    $sendfrom = "Check4Changes [DOMAIN] </mail><mail @domain.de>";
    $sendsubject = "Cron [DOMAIN] Check4Changes";
    // E-Mail Inhalt
    $email_output = 'Dateien, die in der letzten halben Stunde geaendert wurden:';
    $email_output .= "n";
    $email_output .= "n";
    $last_changed_files = implode ( "n", $last_changed);
    $email_output .= $last_changed_files;
    $send_eol = "rn";
    $send_headers = 'From: ' . $sendfrom . $send_eol;
    $send_headers .= 'Reply-To: ' . $sendfrom . $send_eol;
    $send_headers .= 'Return-Path: ' . $sendfrom . $send_eol;
    // Senden
    @mail($sendto, $sendsubject, $email_output, $send_headers);

Per Cron einfach aufrufen und fertig… zwar eine quick-Lösung, aber dafür ziemlich hilfreich :-).

PS: Das Script hilft aber alles nix, wenn der WebServer direkt gehackt wurde… die Linux Freunde wissen warum 🙂

9 thoughts to “WebServer Sicherheit – Änderungen im web-Verzeichnis überwachen”

  1. However, today Kerala is emerging as an industrial and commercial hub in the united states
    which is giving other states a run for money.
    It is the second largest from the islands and as
    it really is quieter than its famous neighbour Mallorca, it can be more fitted
    to the more discerning traveller. And, when you are lounging over a chair admiring
    the red sun setting within the honey-coloured cornfields with a gentle breeze blowing over your feet,
    what better way to savor this little slice of heaven than using a good book.

  2. This is how it is possible to achieve the majority
    of the objectives you have in mind. Everything else within your diary ranks a definite second when it
    comes to prospecting. Regardless of how tempting the positioning or price that drew your attention might seem, unkempt properties may be financial holes.

  3. When people think about self build homes they frequently envision the grand designs they may have seen constructed on recent
    television programmes. For such commendable increase of
    Mexico its citizens do have an excellent role to try out and the citizens in Mexico do enjoy a fantastic quality of life
    in luxury real estates in Mexico. They are predicting this
    due to the political upheaval containing occurred inside the
    last two months.

  4. A Incidental Expenses – In certain situations which includes accidents or
    damages that an individual has clearly carried out the home, the average person will simply shoulder a part with the tariff of the repairs needed and mostly still shouldered through the landlord.
    The property marketplace is changing on a regular basis with new pressures
    within selling, leasing, and property management. When you apply the ideas listed inside six preceding paragraphs, you are able to greatly increase your chances of
    putting your money in a property that will give you that money back and after that some.

  5. You could use the present lines present and not have to worry about moving them.
    Seeking the assistance and advice from a well experienced contractor or interior designer around the best paint colors to work with in your home can be rewarding.
    Adding interior design may be quickly finished with paint jobs and lets you custom decorate any room.

  6. In other cases, these agreements will be the standard type of real-estate
    lending within their jurisdiction. Researches through
    the past calamities which may have happen have shown that women are
    better than men in terms of investments. That way you reduce every one of the costs of making use
    of the trading platform wanted to you and you also just pay a small brokerage fee which can be shared amongst every one of the fund
    pool contributors as you entity handles the entire, larger pool.

  7. Often, it is possible to cut back on your holiday costs by finding inexpensive accommodations.
    However, a professional might have solutions for helping the room that you would have never
    considered. They have always delivered their promise to keep up client satisfaction and superior service.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.