Assuming that I've tried my best to write secure code: database isn't easy for sql injection, output is filtered from xss, and other. The next question is how do I track that someone has tried to hack a website. What can a developer do that doesn't involve them reading through logs of every URL request that came to their website? (not that I even know how to do that).
I use PHP so tools or answers specific to PHP are welcome.
Obvious - read the system logs
Not so obvious - Install this: https://github.com/PHPIDS/PHPIDS
Found that website some time ago, and since you're on PHP I believe that you'll love the demo ;)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With