Member Avatar for begueradj

Hello

What methods can I use to detect malicious PHP/Javascript within the pages of my websites in the case they are infected ?

Member Avatar for diafol

Infected? You mean somebody uploads a script to your site? Don't let them is the answer. Your host should have security and you could lock down any access other than stuff like time-limited ftp access.

Does your code allow file uploads or direct addition of data to a DB or file?

Member Avatar for begueradj

I mean I found obfuscated php/javascript code within some of my files.
What are the methods to use to detect if a hosted file.php file is sane or not ?

Member Avatar for diafol

I don't know how you could test to see if an obfuscated file was suspect or not other than to trace its origin. It could be totally legitimate - if you use 3rd party scripts - especially paid-for scripts. Have a look at the date changed (Unix doesn't have create times AFAIK) and any logs.

Have a look here for a list of logs on cPanel/Apache:

http://www.inmotionhosting.com/support/website/getting-started-guides/cpanel-logs-for-access-apache-email-error-ftp-mysql-whm

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.