monkeybidz Posted December 21, 2007 Share Posted December 21, 2007 Can I add some code to a php file where if a user session is not set the file will consider it a hack attempt? $_SESSION["MYSCRIPT_LOGGED_IN"] Link to comment https://forums.phpfreaks.com/topic/82625-how-to-prevent-remote-sites-or-servers-from-connecting-to-my-files/ Share on other sites More sharing options...
Jessica Posted December 21, 2007 Share Posted December 21, 2007 <?php if(!isset($_SESSION['user'])){ die('error'); } ?> That won't stop hacking attempts though. We'd need to see a lot more of your code to help with security. What in particular are you worried about here? Link to comment https://forums.phpfreaks.com/topic/82625-how-to-prevent-remote-sites-or-servers-from-connecting-to-my-files/#findComment-420204 Share on other sites More sharing options...
monkeybidz Posted December 21, 2007 Author Share Posted December 21, 2007 Well I am helping out someone with no php skill, I on the other hand know a tiny bit. They are using files with file permission set to 777, but somehow PHP.RSTBackdoor Trojan keeps getting inserted connecting from a remote host to a certain php file. Link to comment https://forums.phpfreaks.com/topic/82625-how-to-prevent-remote-sites-or-servers-from-connecting-to-my-files/#findComment-420210 Share on other sites More sharing options...
rarebit Posted December 21, 2007 Share Posted December 21, 2007 Delete the file: r57shell.php (and check for others) see http://www.symantec.com/security_response/writeup.jsp?docid=2005-071322-4217-99&tabid=2 Link to comment https://forums.phpfreaks.com/topic/82625-how-to-prevent-remote-sites-or-servers-from-connecting-to-my-files/#findComment-420236 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.