Monitor for Changes — Jinsi ya Kufuatilia Mabadiliko ya Mafaili kwa Usalama wa Website
Jifunze jinsi ya kufuatilia (monitor) mabadiliko kwenye mafaili ya website kama config.php, .env, index.php, admin files, na core folders ili kuzuia malware, backdoors na unauthorized edits. Blog hii ina commands, tools, code examples na best practices kwa security ya PHP websites, Linux servers na shared hosting.
📞 WhatsApp: https://wa.me/255693118509
🌐 Website: https://www.faulink.com
Utangulizi
Moja ya njia maarufu wanazotumia hackers ni:
✔ Kubadilisha mafaili
✔ Kuongeza malicious code
✔ Kudump command injections
✔ Kuingiza backdoor scripts
Kama hutoi File Change Monitoring, unaweza kugundua shambulio baada ya wiki au miezi.
Kwa hiyo monitoring for changes ni sehemu muhimu sana ya Website Security.
1️⃣ Kwa Nini Monitoring for Changes Ni Muhimu?
Kwa sababu:
Inakuonyesha file yoyote iliyoguswa
Unajua nani alibadilisha nini
Unagundua backdoors mapema
Unapunguza uharibifu
Unazuia silent attacks
Mfano wa faili ambazo lazima zilindwe:
config.php
.env
index.php
admin/*
includes/*
themes/*
plugins/*
2️⃣ Checked File Changes Automatically (Linux Servers)
Command ya kuona mafaili yaliyobadilika masaa 24 yaliyopita
find /var/www/html -type f -mtime -1
Mfano: kuona ndani ya dakika 60 zilizopita
find /var/www/html -type f -mmin -60
Hii inaonyesha hacker akibadilisha file.
3️⃣ Monitor Changes Kwa md5 Checksums
Unaweza kutengeneza snapshot ya mafaili salama:
Generate baseline hash
find /var/www/html -type f -exec md5sum {} \; > baseline.md5
Check for changes
md5sum -c baseline.md5
Hii itakuonyesha:
FAILED
OK
File yoyote yenye "FAILED" imebadilishwa.
4️⃣ PHP Script ya Kufuatilia Mabadiliko (Simple Monitor)
<?php
$directory = "./";
$files = scandir($directory);
foreach ($files as $file) {
if (is_file($file)) {
echo $file . ": " . filemtime($file) . "\n";
}
}
?>
Hii script inaonyesha last modified time.
Unaweza kuiwekea cron job ili ukipata mabadiliko, ikutumie email.
5️⃣ Advanced Monitoring Tools (Linux)
✔ AIDE (Advanced Intrusion Detection Environment)
Ni powerful na hutumiwa na security admins.
Install AIDE:
sudo apt install aide
Initialize:
sudo aideinit
Check:
sudo aide --check
AIDE inakuonyesha file yoyote iliyobadilishwa, kufutwa au kuongezwa.
✔ inotifywait (Realtime Monitoring)
Install:
sudo apt install inotify-tools
Real-time alert:
inotifywait -m /var/www/html
Ikigusa file lolote, utaona live:
MODIFY index.php
CREATE backdoor.php
DELETE config.php
6️⃣ Monitor Changes kwenye Shared Hosting (No SSH)
Kwa hosting kama:
Hostinger
Namecheap
Bluehost
Afrihost
Huwezi kutumia commands — lakini unaweza kutumia PHP File Change Monitor.
Simple PHP Change Detector
<?php
$folder = './';
$log = 'changes.log';
$files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($folder));
foreach ($files as $file) {
if ($file->isFile()) {
$timestamp = date("Y-m-d H:i:s", $file->getMTime());
file_put_contents($log, $file . " - Modified: " . $timestamp . "\n", FILE_APPEND);
}
}
?>
Unaweza kui-run once daily via Cron Job kwenye cPanel.
7️⃣ Monitor Changes Using WordPress Plugins (If WP)
Kwa WordPress tumia:
Wordfence
iThemes Security
Sucuri Scanner
Hizi huonyesha:
✔ Files modified
✔ Files deleted
✔ Files added
✔ Malware traces
8️⃣ Notify File Changes by Email (PHP Example)
<?php
$target = "config.php";
$last = filemtime($target);
if(!file_exists("mtime.txt")){
file_put_contents("mtime.txt", $last);
}
$old = file_get_contents("mtime.txt");
if($last != $old){
mail("admin@example.com", "File Changed", "$target was modified!");
file_put_contents("mtime.txt", $last);
}
?>
Ukigusa config.php, utapata email instantly.
9️⃣ Recommended Folder Structure for Monitoring
project/
│
├── monitor/
│ ├── baseline.md5
│ ├── monitor.php
│ └── log.txt
│
├── config/
├── public/
└── storage/
🔟 Monitoring Checklist (Ready-to-Use)
Task Status
Baseline md5 checksum created ✔
Cron job monitoring runs daily ✔
Real-time alerts via inotify Optional
Sensitive files monitored ✔
Logs stored securely ✔
Email alerts configured Optional
Backup after monitoring ✔
Hitimisho
Monitoring for changes ni moja ya ngao muhimu zaidi kwenye website security.
Ukiona faili limebadilika bila ruhusa — hiyo ni ishara ya shambulio.
Kwa msaada wa Website Security Hardening, malware removal, au monitoring setup:
📞 WhatsApp: https://wa.me/255693118509
🌐 Website: https://www.faulink.com
🚀 Unahitaji mfumo au website ya biashara?
Chagua huduma hapa chini kisha mteja bofya moja kwa moja kwenda kwenye ukurasa wa huduma au kuwasiliana nasi kwa WhatsApp.