PHP Security

AXISHK
We are a website provider and we find that some of the hosted websites cause emails to bounce. On further investigation, we found that one website uses <frame> ... </frameset>, and within the frameset there is a redirection to a PHP script on another website, that of the original designer of the website.

Is it possible to disable framesets, or website redirection? I have been asked to review the existing infrastructure and take immediate action.

1. Are there any tools to rescan all our existing websites and identify this kind of problem?
2. Is there any solution to remedy this problem?

Tks
Dave Baldwin, Fixer of Problems
Most Valuable Expert 2014
Commented:
There are many legitimate reasons for using frames and I would be very upset if you blocked things on my website because someone else caused a problem. And bounced emails are an everyday occurrence for a variety of legitimate reasons.

The proper action to me is to contact the people who are responsible for the problems and ask them to fix it.  If they don't respond, then you can simply block access to their site until they fix their problems.
Most Valuable Expert 2011
Top Expert 2016

Commented:
It sounds like your server has been hacked. You can scan all of the existing scripts for <frame> and <iframe> and manually check each instance of the results. That is what I would do. I agree with Dave -- I do not know any way to "turn off" features of HTML and even if I could, I would not do that because of the risk to legitimate clients who might depend on this functionality! If you find that one account is causing the trouble, it would be fairly easy to disable that account until the owners correct the problem.

Author

Commented:
Any idea how to write a script to quickly scan a folder and its sub-folders for, say, "iframe" and write the file name and path to a log file?
Most Valuable Expert 2011
Top Expert 2016

Commented:
Yes, you can use RecursiveDirectoryIterator. I'll try to find an example for you.
Most Valuable Expert 2011
Top Expert 2016
Commented:
You might start here.  There might be other sanity checks you would need, for example, you would not want to read files larger than your memory allocation, etc.
<?php // demo/temp_axishk.php
/**
 * http://www.experts-exchange.com/questions/28706387/PHP-Security.html
 */
error_reporting(E_ALL);

// PUT THIS SCRIPT IN THE WEB ROOT DIRECTORY
$path = realpath(getcwd());

// THE SIGNAL WE ARE SEEKING (THE COMPARISON IS CASE-INSENSITIVE)
$signal = strtolower('IFrame');

// SKIP FILES LARGER THAN THIS INSTEAD OF READING THEM INTO MEMORY
$max_bytes = 4 * 1024 * 1024;

// THE COLLECTION OF POSITIVE HITS
$out = [];

// SEE http://php.net/manual/en/class.recursivedirectoryiterator.php#85805
// SKIP_DOTS KEEPS THE "." AND ".." ENTRIES OUT OF THE WALK
$objs = new RecursiveIteratorIterator(
    new RecursiveDirectoryIterator($path, FilesystemIterator::SKIP_DOTS),
    RecursiveIteratorIterator::SELF_FIRST
);

// ITERATE OVER THE OBJECTS
foreach($objs as $name => $obj)
{
    // DIRECTORIES AND OVERSIZED FILES ARE NOT READ
    if (!$obj->isFile()) continue;
    if ($obj->getSize() > $max_bytes) continue;

    // THIS SCRIPT CONTAINS THE SIGNAL STRING AND WOULD REPORT ITSELF
    if (realpath($name) === __FILE__) continue;

    $doc = strtolower(file_get_contents($name));
    if (strlen($doc) < strlen($signal)) continue;

    // strpos() RETURNS 0 FOR A MATCH AT THE VERY START OF A FILE, SO TEST AGAINST false
    if (strpos($doc, $signal) !== false)
    {
        $out[] = $name;
    }
}

// REPORT THE RESULTS
if (empty($out))
{
    echo "<h3>Good News! No <i>$signal</i> found.</h3>";
}
else
{
    echo "<h3><i>$signal</i> found here:</h3>";
    echo '<pre>';
    // FILE NAMES ON A SHARED HOST ARE UNTRUSTED INPUT; ESCAPE THEM BEFORE ECHOING INTO HTML
    print_r(array_map('htmlspecialchars', $out));
    echo '</pre>';
}

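The string match above reports every file that mentions "iframe", including legitimate ones. The pattern the question actually describes is narrower: a frame or iframe whose src hands the visitor to a different host. The scanner below, added here as an example and not code from the original answer or from the thread, parses each template-like file for <frame>/<iframe> tags, extracts the src, and reports only those whose host is outside a list of hosts the account is known to serve, appending hits to a log file as the asker requested. The document root, the two owned host names, the log file path, the file-extension list and the size cap are assumptions chosen for illustration.

```php
<?php
// Added example, not part of the original thread: locate <frame>/<iframe> tags
// whose src points at a host this account does not own, and log them.
// The document root, owned hosts, log path, extension list and size cap are
// assumed values for illustration.

declare(strict_types=1);

/**
 * Return every <frame>/<iframe> src in $html whose host is not in $ownHosts.
 * Relative URLs carry no host, stay on the same site, and are not reported.
 * Protocol-relative URLs ("//other.example/x") do carry a host and are checked.
 *
 * @param string[] $ownHosts lower-case host names this account legitimately serves
 * @return string[] offending src values
 */
function offsiteFrameSources(string $html, array $ownHosts): array
{
    $hits = [];
    // <frame ...> and <iframe ...>; the \b keeps <frameset> out (it has no src anyway)
    if (!preg_match_all('/<i?frame\b[^>]*>/i', $html, $tags)) {
        return $hits;
    }
    foreach ($tags[0] as $tag) {
        // src="..." (group 1), src='...' (group 2) or unquoted src=... (group 3)
        if (!preg_match('/\bsrc\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^\s>]+))/i', $tag, $m)) {
            continue;
        }
        $src = '';
        foreach ([1, 2, 3] as $g) {
            if (isset($m[$g]) && $m[$g] !== '') {
                $src = trim($m[$g]);
                break;
            }
        }
        if ($src === '') {
            continue;
        }
        // parse_url() gives null for relative URLs and false for unparsable ones
        $host = strtolower((string) parse_url($src, PHP_URL_HOST));
        if ($host !== '' && !in_array($host, $ownHosts, true)) {
            $hits[] = $src;
        }
    }
    return $hits;
}

/**
 * Walk $root and return [path => [src, ...]] for every template-like file that
 * frames an off-site URL. Oversized files are noted and skipped, not slurped.
 */
function scanTree(string $root, array $ownHosts, int $maxBytes = 2 * 1024 * 1024): array
{
    $report = [];
    $iter = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($iter as $path => $info) {
        if (!$info->isFile() || !preg_match('/\.(php|phtml|html?|inc|tpl)$/i', $path)) {
            continue;
        }
        if (realpath($path) === __FILE__) {
            continue; // this scanner mentions "iframe" and would report itself
        }
        if ($info->getSize() > $maxBytes) {
            $report[$path] = ["(skipped: larger than $maxBytes bytes)"];
            continue;
        }
        $hits = offsiteFrameSources((string) file_get_contents($path), $ownHosts);
        if ($hits !== []) {
            $report[$path] = $hits;
        }
    }
    return $report;
}

/** Append one tab-separated line per hit (timestamp, file, src) to $logFile. */
function writeLog(string $logFile, array $report): void
{
    $fh = fopen($logFile, 'ab');
    if ($fh === false) {
        throw new RuntimeException("cannot open $logFile for append");
    }
    foreach ($report as $file => $srcs) {
        foreach ($srcs as $src) {
            fwrite($fh, date('c') . "\t$file\t$src\n");
        }
    }
    fclose($fh);
}

// Constructed sample (not taken from the thread) of the pattern in the question:
// a frameset that hands the visitor off to a PHP script on another host.
$sample = '<frameset rows="100%"><frame src="http://designer.example/redirect.php"></frameset>';
print_r(offsiteFrameSources($sample, ['www.example-host.com', 'example-host.com']));

// Assumed configuration for a real run from the command line:
// php scan.php /path/to/docroot   (defaults to /var/www)
$root     = $argv[1] ?? '/var/www';
$ownHosts = ['www.example-host.com', 'example-host.com'];
$logFile  = '/var/log/frame-scan.log';

$report = scanTree($root, $ownHosts);
writeLog($logFile, $report);
printf("%d file(s) with off-site frames; details appended to %s\n", count($report), $logFile);
```

Run it from the command line as the account that owns the files rather than leaving it in a web root, so the scanner itself is not reachable over HTTP. A hit is a lead, not a verdict: a framed payment widget or partner page is legitimate, so review each reported src before disabling an account, as both experts advise.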

Author

Commented:
Tks
