How to add a php script to .htaccess that, when accessing any php | html, except for the index.php file, would imperceptibly perform some kind of action. For example, I entered a log, how many times a particular file was opened (just wondering what to add to .htaccess, and I will add the php script myself).

The goal is this, there is a website in it a bunch of php or html files, all of them are loaded by indexing in index.php. And sometimes left-side files appear on the site, for example, system.php, which is viral and from time to time this script is run from a certain IP address and infection of all files begins. I would like to find all php files that run not through index.php, but directly.

Blocking the ip address, checking the user agent and where it came from, checking computers, changing passwords on ftp, websites, cleaning the virus and much more has already been done, I don’t have more strength: ((

  • and if in index.php we declare some constant, and in all other files to check its presence, while in .htaccess redirect everything to index.php? - Dex
  • and look for holes in the code? Although the Dex proposal is very appropriate - this will be the first line of defense. - KoVadim
  • Thanks for the answers, I will look in this direction if I find nothing. but still, the solution is not very suitable for me, because there are files on the site that should start up independently, as for the variables there are and are being checked, I just want to find those files that are no longer coming from the CCM, but were added after, with viruses. At the site I have sites with Jumla, ModX, DLE and on the studio CCM. - lukysun

1 answer 1

php_value auto_prepend_file check.php There is already a check for the index.php file in the request.