PHP Classes
elePHPant
Icontem

Site Change Detection: Scan directory to detect file changes

Recommend this page to a friend!
  Info   View files View files (3)   DownloadInstall with Composer Download .zip   Reputation   Support forum (4)   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2015-03-30 (3 years ago) RSS 2.0 feedNot yet rated by the usersTotal: 795 All time: 4,205 This week: 334Up
Version License PHP version Categories
scanner 1.7GNU General Publi...5.3PHP 5, Systems administration, Security
Description Author

This class can scan directory to detect file changes.

It can perform an initial scan to a given directory and records in a MySQL database the files that were found, as well the respective hashes.

The class can perform subsequent scans to detect any files that were added, changed or deleted.

The class can also setup the database tables to perform the initial configuration.

Innovation Award
PHP Programming Innovation award nominee
December 2013
Number 3


Prize: One downloadable e-book of choice by O'Reilly
When a Web site is attacked, often one of the things that is changed is the files that serve the site Web pages.

This class provides a solution to monitor and detect when the files of a site were changed, so you can be notified and act as soon as possible to fix the damages.

Manuel Lemos
Name: Larry Wakeman <contact>
Classes: 4 packages by
Country: United States United States
Innovation award
Innovation award
Nominee: 2x

Winner: 1x

Details
I created this object because I went through a period where my client sites were being hacked. I wanted to try
to stay one step ahead of the hackers so I wrote this script to scan the website for changes and report the results.

Scanner.php is a full and useable implementation of the class, you can ftp these files to your site, run the config 
and initial scans andtehn create a cron job to periodically scan the site andreport the results in the log file and
via email. Somenotes:

    1. Find an obscure place on your website to place index.html, scanner.php and scanner.class.php.
    2. Rename the scanner.php and scanner.class.php files to some obsure name, maybe the domain to be scanned,
         like domain.php and domain.class.php.
    3. Run the configration script. If you are in a Codeigniter, Wordpress,Joomla or Drupal environment, many of
         the configuration parameters will be picked up from theirconfig files.
    4. Run an initial scan.
    5. Create the cron job.
              
This script is designed to scan a site and compare file hashes to saved values, reporting when files have changed,
been added, or been changed. The algorythm is not perfect but you should get a short list of files to examine.

Usage:

http://[url of site]/[path to scanner]/[scanner filename].php?action=[action]

It is suggested that these files be hidden in the directory tree of the site and named something other than scanner.

actions:
    scan or none - Perform a scan of the site, designed to be done in a cron job
    config - set up scanner configuration
    initial - perform an initial scan

V2.0 - changed processing methodology to ease memory requirements. As a sided benefit, execution times are significantly
			 shorter and database space has been significantly decreased.

			 The schema has changed. Old tables will not be deleted but may be deleted by hand by the site manager. These
			 tables are <DB Tablename Root>, <DB Tablename Root>_run, <DB Tablename Root>_scan, and <DB Tablename Root>_temp,

I have had issues with Server 500 errors on a site with three WordPress instances in it. My solution was to create three 
cron jobs, one for each instance, ignoring the directories of the other two instances in teh root instance. Something about
recursing to deep. If I find a soolution, I will issue another update.

Donate to this project at http://www.diabloresults.com/downloads/site-change-detection/.
  Files folder image Files  
File Role Description
Plain text file readme.txt Doc. Readme file
Plain text file scanner.class.php Class The main Class
Plain text file scanner.php Example Demonstration

 Version Control Unique User Downloads Download Rankings  
 0%
Total:795
This week:0
All time:4,205
This week:334Up