Search Results for "website scripts"

By default, all scripts on a webpage are allowed to send and fetch data to any site they want. This can be a security problem. Imagine one of your JavaScript dependencies sends all keystrokes, including passwords, to a third party website. It's very easy for someone to hide this malicious behaviour, making it nearly impossible for you to detect it (unless you manually read all the JavaScript code on your site).

Catch bad visitors to your php website that are looking for admin access or exploitable web scripts, automatically lookup abuse information for their IP address and notify their network's administrators of their bad behavior. Most network operators provide abuse contact email addresses in their WHOIS information, and your webserver can immediately report malicious access attempts as they happen.

I have several websites and some time ago I found code in one of my websites that I did not create. One of those scripts was able to send spam and the other one had some malware code in it. Now you can argue that my website was just not safe enough because who ever placed this code had been able to get in. That is true and the ideal situation is to have such a safe website that nobody can break in. But sometimes this is hard to achieve. mod_detect was developed to at least find code that someone else placed into the scripts of your website and eventually eliminate it.