Women in Technology

Hear us Roar



Article:
  Introducing mod_security
Subject:   filettering php shell Scripts
Date:   2006-02-21 09:58:35
From:   ALDWLYA
dear sirs,


is there any way , idea , function ... to put it into a .htaccess file .. to check a file content when somone request that file from the web ????



If somone hacked a web site and uploade a PHP shell ... of course he will request it via


the web like http://site.com/phpshell.php


here i want to someting to check that phpshell contente ... if it finde a shell script ..


it's prevent it displaying via the web .. if itsn't a shell script .. it's allow for its request and display the file content ..


waiting foe early replay ..


and I'm so sorry for my bad English


thanks & best regards ..

Main Topics Newest First

Showing messages 1 through 1 of 1.

  • filettering php shell Scripts
    2006-02-24 09:05:09  Ivan Ristic | O'Reilly Author [View]

    Inspecting a file before it is executed shouldn't be difficult. The best approach is probably to use a custom Apache module configured to execute just before PHP (in your case) execution takes place. It would scan the target script and refuse to run if it detects something inappropriate.