Women in Technology

Hear us Roar


Article:
  Introducing mod_security
Subject:   filettering php shell Scripts
Date:   2006-02-21 09:58:35
From:   ALDWLYA
dear sirs,


is there any way , idea , function ... to put it into a .htaccess file .. to check a file content when somone request that file from the web ????



If somone hacked a web site and uploade a PHP shell ... of course he will request it via


the web like http://site.com/phpshell.php


here i want to someting to check that phpshell contente ... if it finde a shell script ..


it's prevent it displaying via the web .. if itsn't a shell script .. it's allow for its request and display the file content ..


waiting foe early replay ..


and I'm so sorry for my bad English


thanks & best regards ..
Main Topics Newest First

Showing messages 1 through 1 of 1.

  • filettering php shell Scripts
    2006-02-24 09:05:09  Ivan Ristic | O'Reilly Author [View]

    Inspecting a file before it is executed shouldn't be difficult. The best approach is probably to use a custom Apache module configured to execute just before PHP (in your case) execution takes place. It would scan the target script and refuse to run if it detects something inappropriate.

Recommended for You
 
Sign up today to receive special discounts,
product alerts, and news from O'Reilly.
Privacy Policy >
View Sample Newsletter >