Logging POST requests to the site

Monday, 15 April 2013 23:37

Quite often there are situations where conventional logging, which writes the apache webserver is not enough. For example, your site is hacked, and you learn a web server logs in order to nahodzheniya hole in your site. If you know the exact time hacking, it is likely that you will find in the logs or script file that was accessed from the POST request. Yes, this will be a POST request. But the trouble is that you will see in the log file only, and that's exactly what he was told, seen unfortunately will not. And the exact time hacking rarely known, so it is usually to find a hole on the website through which it was hacked, very difficult.

Therefore, we propose to use on your website a little script, whose task will be logging it is POST requests . This log will be detailed information about who, when, where and what passed by POST. Even without knowing the approximate time hacking by looking at the log file, you can easily find information about it in the hole in your site.

The script can be used perfectly on any website built on any engine, and virtually any hosting.

The script looks like this:

<?
if(isset($_POST) && count($_POST)>0){
        $data="";
        foreach($_POST as $key=>$val){
                if(is_string($val) && strlen($val)>2000 )
                        $val=substr($val,0,2000);
                $data.=$key."=>".$val."\n";
        }
        //instead /home/user/data/www/site.ru/ specify its path from the root server, which should be written log
        $fp=fopen("/home/user/data/www/site.ru/".$_SERVER['HTTP_HOST'].".log","a");
        fwrite($fp,date("Y-m-d H:i:s")." ".$_SERVER['REMOTE_ADDR']."\n".$data."---------------------------\n");
        fclose($fp);
        $data="";
        reset($_POST);
}
?>

Save it as a php file, correct it in the path from the root of your server to the folder in which you want to write the log (the folder must be writable webserver), and upload the file under any name (eg log.php) to your site in any place can be the root.

Next, you need to file .htaccess (if not, you can create) prescribe the following line:

php_value auto_prepend_file /home/user/data/www/site.ru/log.php

where of course, change the path and file name on its own.

After that, at the first POST request to your site will create a log file in the directory you specified in the script, and it in a readable form will write all the contents of POST requests to your site.

CAUTION! Log file in any case do not write to the root of your site. In the log file will contain the usernames and passwords that they will be used for logging into your site, and including your logins \ passwords that get into it with your authorization in the admin area of the site (it's also passed POST request). Therefore, the log file is best to write to the directory is not accessible from the web, that is, for example, to the one that is above the root directory of your website.


Leave a comment

  • Payment
    Methods:
  • visa
  • mastercard
  • qiwi
  • webmoney
  • yandex money
  • sberbank
  • mts bank
  • zpayment
  • liqpay
  • alfabank white
Copyright © 2012 - 2024 WebPatron Ltd. All rights reserved.