Lunarpages Web Hosting Forum

Author Topic: Hack Detection - File Integrity Monitor  (Read 4660 times)

Offline pharscape

  • Trekkie
  • **
  • Posts: 15
Hack Detection - File Integrity Monitor
« on: May 09, 2012, 01:52:58 PM »
Hi,

Some time ago my site was hacked and someone was able to inject malicious code into PHP files. I eventually fixed the problem but it took me a long time to find it in the code and then put it right.  :cry:

I now wanted an early warning system and actionable information should it ever happen again. Looking around I couldn't find anything suitable that was free or low cost so I decided to roll my own.

What results is a PHP application called Simple Site Integrity Monitor (SSIM) that runs independently of my CMS. I've hooked it into Cron and I now get reports as frequently as I need automatically.

If files get changed, added, deleted etc it produces a detailed email report. For editable files it produces a nice color coded diff too. It will even create backups of editable files for me to download.
I have extended it beyond just an app for me so it now supports secure login, admin and audit roles, multiple email address reporting and configurable file filters etc etc..

I know this is a shameless plug :razz: but if you are interested to learn more about it I have set up a site to host it at www.saphe.net.
 :whip: The link now works!

Cheers,
Paul

« Last Edit: May 14, 2012, 02:53:39 PM by pharscape »

Offline pharscape

  • Trekkie
  • **
  • Posts: 15
Re: Hack Detection - File Integrity Monitor
« Reply #1 on: May 14, 2012, 03:24:51 PM »
I duh have fixed the site link!
http://www.saphe.net/ssim_getting