PHP Classes

Site Change Detection: Scan directory to detect file changes

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in Bookmark in
  Info   View files View files (3)   DownloadInstall with Composer Download .zip   Reputation   Support forum (4)   Blog    
Last Updated Ratings Unique User Downloads Download Rankings  
2015-03-30 (6 months ago) RSS 2.0 feedNot yet rated by the usersTotal: 697 This week: 3All time: 4,411 This week: 451Up
Version License PHP version Categories  
scanner 1.7GNU General Publi...5.3PHP 5, Systems administration, Security
Description Author  

This class can scan directory to detect file changes.

It can perform an initial scan to a given directory and records in a MySQL database the files that were found, as well the respective hashes.

The class can perform subsequent scans to detect any files that were added, changed or deleted.

The class can also setup the database tables to perform the initial configuration.

Innovation Award  
PHP Programming Innovation award nominee
December 2013
Number 3

Prize: One downloadable e-book of choice by O'Reilly
When a Web site is attacked, often one of the things that is changed is the files that serve the site Web pages.

This class provides a solution to monitor and detect when the files of a site were changed, so you can be notified and act as soon as possible to fix the damages.

Manuel Lemos
Picture of Larry Wakeman
Name: Larry Wakeman is available for providing paid consulting. Contact Larry Wakeman .
Classes: 4 packages by
Country: United States United States
Age: ???
All time rank: 1411190 in United States United States
Week rank: 281 Up27 in United States United States Up
Innovation award
Innovation award
Nominee: 2x

Winner: 1x

I created this object because I went through a period where my client sites were being hacked. I wanted to try
to stay one step ahead of the hackers so I wrote this script to scan the website for changes and report the results.

Scanner.php is a full and useable implementation of the class, you can ftp these files to your site, run the config 
and initial scans andtehn create a cron job to periodically scan the site andreport the results in the log file and
via email. Somenotes:

    1. Find an obscure place on your website to place index.html, scanner.php and scanner.class.php.
    2. Rename the scanner.php and scanner.class.php files to some obsure name, maybe the domain to be scanned,
         like domain.php and domain.class.php.
    3. Run the configration script. If you are in a Codeigniter, Wordpress,Joomla or Drupal environment, many of
         the configuration parameters will be picked up from theirconfig files.
    4. Run an initial scan.
    5. Create the cron job.
This script is designed to scan a site and compare file hashes to saved values, reporting when files have changed,
been added, or been changed. The algorythm is not perfect but you should get a short list of files to examine.


http://[url of site]/[path to scanner]/[scanner filename].php?action=[action]

It is suggested that these files be hidden in the directory tree of the site and named something other than scanner.

    scan or none - Perform a scan of the site, designed to be done in a cron job
    config - set up scanner configuration
    initial - perform an initial scan

V2.0 - changed processing methodology to ease memory requirements. As a sided benefit, execution times are significantly
			 shorter and database space has been significantly decreased.

			 The schema has changed. Old tables will not be deleted but may be deleted by hand by the site manager. These
			 tables are <DB Tablename Root>, <DB Tablename Root>_run, <DB Tablename Root>_scan, and <DB Tablename Root>_temp,

I have had issues with Server 500 errors on a site with three WordPress instances in it. My solution was to create three 
cron jobs, one for each instance, ignoring the directories of the other two instances in teh root instance. Something about
recursing to deep. If I find a soolution, I will issue another update.

Donate to this project at
  Files folder image Files  
File Role Description
Plain text file readme.txt Doc. Readme file
Plain text file scanner.class.php Class The main Class
Plain text file scanner.php Example Demonstration

 Version Control Unique User Downloads Download Rankings  
 0%Total:697All time:4,411
 This week:3This week:451Up