Author - 오길호

Web hacking, backdoor dangerous code detection plug -in

This is a plug -in made to easily find a backdoor (PHP) installed for server hacking. Find a file that uses a function that can be exploited in PHP and inform you by e -mail. WordPress, Gnuboard 5 can be easily installed and used. If you first activate it, you will be inspected as a whole, and if you find a suspicious file every hour, we will inform you by administrator e -mail. How to use Download the plug -in for that solution. The file downloaded to the folder below ...

Find an IP access from AWS (PHP)

When you use the Amazon server, if you get a server IP, the private IP is output. So I made it to save the official IP. <? if (in_array (Substr ($ _ Server ['Server_addr']], 0, 3), array('172'))) if(strrpos(gethostname(), '.compute.internal')!==false) $_SERVER['SERVER_ADDR'] = file_get_contents('http://169.254.169.254/latest/meta-data/public-ipv4'); echo $_SERVER['SERVER_ADDR']; ?>

php.ini file settings

Confirm after installing the server Short_open_tag = ON "<? PHP" and "<?" Make it available. Display_errors = On When executing a PHP script, the message is output when the error occurs. (In case of OFF, HTTP 500 internal server error output) Date.TIMEZONE = Asia/SEOUL Set the time zone. error_reporting = e_all & ~ e_notice & ~ e_deprecated NOTICE error is ignored. (* php.ini path: PHP --ini | grep php.ini)

SSH port change (Centos)

SSHD settings VI/ETC/SSH/SSHD_CONFIG Port {port number} Service SSHD RESTART Firewall setting VI/ETC/Sysconfig/iptables -A input -M State -state New -M TCP -P TCP -DPORT {Port} -j Accept Service iptables Restart * After changing the SSH port, the firewall setting allows you to use that port.