PHPIDS - Rex Scanner (PHP-Intrusion Detection System) is a simple script which can detect daily changed files once you setup this scrip in a cron. It simply recognizes file node changed file paths, modified date times and content when an attacker tries to break your site and fill up with byte codes in your source code of any files inside the server public_html. Once detect any changed file it will send you an email with a report. You can investigate the changed files and get proper actions if any of those changed files related to a hacking attempt. You can expand the script by simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.
If you would like to contribute, please open a pull request to branch feature-development.
The project was started by Dasitha Abeysinghe [email protected] and welcome all the white hat hackers to upgrades the script for new versions.