Skip to content

Instantly share code, notes, and snippets.

Avatar
🎯
Focusing

Phil Taylor PhilETaylor

🎯
Focusing
View GitHub Profile
View gist:19edb19a7b6c0cef6d8cc434ba550cac
The ONLY time the md5 hash of those files should change is when you change the file.
The only time the files need to be changed is when a site is upgraded. However, even then, if there are no changes in the new version in those files then the hash can remain the same.
We cache the md5 hash of the file into a file, in the same folder, buy proceeded with a period (.)
On every page load of the website we compare the md5 hash of the monitored files, with the cached md5 hash in the lock file we created.
If they are different then SOMETHING has changed in the monitored file, and we alert you on that.
View webp
<ifModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_ACCEPT} image/webp
RewriteCond %{REQUEST_URI} (?i)(.*)(\.jpe?g|\.png)$
RewriteCond %{DOCUMENT_ROOT}%1.webp -f
RewriteRule (?i)(.*)(\.jpe?g|\.png)$ %1\.webp [L,T=image/webp,R]
</IfModule>
<IfModule mod_headers.c>
Header append Vary Accept env=REDIRECT_accept
View gist:82a8df04bf7ba8acd5fd8318488001f2
[2019-10-23 09:26:11] api-debugger.INFO: >>>>>>>>
POST /plugins/system/bfnetwork/bfnetwork/bfPing.php HTTP/1.1
Content-Length: 670
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Host: besparen.interessantvoorjou.nl
X-MYJOOMLA-HMAC: IBJrtaptsnNiM0vubbR7UK3AmKIPrGhbnk2otY9JaEk=
X-MYJOOMLA-TIME: 1571822770
View example_auditrow.json
{
"data":
[
{
"id": 1,
"site_id": 1,
"user_id": 1,
"status": "BLOB",
"scanspeed": "FAST",
"retrycount": null,
View gist:80cec12f9148c6a2dda9f3c9529261d3
[2019-09-22 10:21:14] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 1276
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Host: wyspataichi.waw.pl
X-MYJOOMLA-HMAC: fXg+tYMbjw2C0ZH7tuj6lzMh8/s8efUX1dIkzrajl2E=
X-MYJOOMLA-TIME: 1569147553
View gist:951dbdc1a090138f71c33cb254e3d38f
[2019-09-22 10:15:27] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 658
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic amVzdGVtOmN6bG93aWVraWVt
Host: al-halo-echo.pl
X-MYJOOMLA-HMAC: hZ1YO92IsUXfXUbdGqhLxfwY3Gq7XiAQQqqnJEiE9ho=
View gist:1a0fd253e64f32ea0ef32d5db2822cb7
[2019-09-22 10:15:27] api-debugger.INFO: >>>>>>>>
POST /wp-content/plugins/mywpguru/bfnetwork/bfAudit.php HTTP/1.1
Content-Length: 658
Referer: https://myjoomla.com/
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Authorization: Basic amVzdGVtOmN6bG93aWVraWVt
Host: al-halo-echo.pl
X-MYJOOMLA-HMAC: hZ1YO92IsUXfXUbdGqhLxfwY3Gq7XiAQQqqnJEiE9ho=
View gist:666ffa220ce5cb0620c0973eba24ba17
[2019-09-22 10:10:00] api-debugger.INFO: >>>>>>>>
GET /wp-login.php?redirect_to=http%3A%2F%2Fal-halo-echo.pl%2Fwp-admin%2F&reauth=1 HTTP/1.1
Host: al-halo-echo.pl
User-Agent: myJoomla/2.0 (myJoomla.com)
X-MyJoomla-FAQ: For full details see myJoomla.com or email phil@phil-taylor.com
<<<<<<<<
HTTP/1.1 401 Unauthorized
Date: Sun, 22 Sep 2019 10:10:00 GMT
View gist:8bd8aaefc1bbd763fa2daae33036066f
[2019-09-09 17:00:59] api-debugger.INFO: >>>>>>>>
POST /plugins/system/bfnetwork/bfnetwork/bfTools.php HTTP/1.1
Content-Length: 923
Referer: https://mysites.guru/
User-Agent: mySites/3.0 (mySites.guru)
Accept: application/json
X-MyJoomla-FAQ: For full details see mySites.guru or email phil@phil-taylor.com
Content-Type: application/x-www-form-urlencoded
Host: www.apecs.org
X-MYJOOMLA-HMAC: 5picr+I4nWZUlPGd4izSMbVzm9mEhNxWKx5B7QeBzQ0=
View gist:c8722d79f014c07263162b6f362d0e93
34.201.72.165 - - [02/Jul/2019:14:21:30 -0500] "GET /administrator/ HTTP/1.1" 200 2016 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:30 -0500] "POST /administrator/index.php HTTP/1.1" 303 20 "https://refugecountryclub.com/administrator/" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:31 -0500] "GET /administrator/index.php HTTP/1.1" 200 6592 "https://refugecountryclub.com/administrator/" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:33 -0500] "GET /administrator/index.php?option=com_templates HTTP/1.1" 200 8114 "https://refugecountryclub.com/administrator/index.php" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"
34.201.72.165 - - [02/Jul/2019:14:21:34 -0500] "GET /administrator/index.php?option=com_templates&view=template&id=10000++ HTTP/1.1" 200 24129 "https://refugecountryclub.com/administrator/index.php?optio