monkeybidz Posted December 21, 2007 Share Posted December 21, 2007 Can I add some code to a php file where if a user session is not set the file will consider it a hack attempt? $_SESSION["MYSCRIPT_LOGGED_IN"] Quote Link to comment https://forums.phpfreaks.com/topic/82625-how-to-prevent-remote-sites-or-servers-from-connecting-to-my-files/ Share on other sites More sharing options...
Jessica Posted December 21, 2007 Share Posted December 21, 2007 <?php if(!isset($_SESSION['user'])){ die('error'); } ?> That won't stop hacking attempts though. We'd need to see a lot more of your code to help with security. What in particular are you worried about here? Quote Link to comment https://forums.phpfreaks.com/topic/82625-how-to-prevent-remote-sites-or-servers-from-connecting-to-my-files/#findComment-420204 Share on other sites More sharing options...
monkeybidz Posted December 21, 2007 Author Share Posted December 21, 2007 Well I am helping out someone with no php skill, I on the other hand know a tiny bit. They are using files with file permission set to 777, but somehow PHP.RSTBackdoor Trojan keeps getting inserted connecting from a remote host to a certain php file. Quote Link to comment https://forums.phpfreaks.com/topic/82625-how-to-prevent-remote-sites-or-servers-from-connecting-to-my-files/#findComment-420210 Share on other sites More sharing options...
rarebit Posted December 21, 2007 Share Posted December 21, 2007 Delete the file: r57shell.php (and check for others) see http://www.symantec.com/security_response/writeup.jsp?docid=2005-071322-4217-99&tabid=2 Quote Link to comment https://forums.phpfreaks.com/topic/82625-how-to-prevent-remote-sites-or-servers-from-connecting-to-my-files/#findComment-420236 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.