Quote:
|
Originally Posted by Ene
Dear recommended hosting providers, Emerson, Conor and others. I suggest to implement the following modification on your and our servers.
1. Special shell script will parse all FTP logs every day.
2. If script finds the many uploads of 'index.php, index.html, main.php, default.php' files from one IP, this script will send an email to the server administrator and add this IP to the firewall.
3. We will have special thread on this forum where we will be able to post such suspicios IPs for others to ban these IPs as well.
What do you think?
|
Hi Ene,
We already have something like this in place. We have all index.* files being watched on our servers.
We use CSF for our firewall and it has the capability of monitoring changes to directories and files.
You set the pattern and if any changes match those patterns we get alerted immediately.