Security Monitoring for PHP based website

Product Description

Security Monitor for PHP
A lightweight, single-file, passive security monitoring script designed for PHP applications. It silently monitors incoming requests for common attack patterns and logs suspicious activity without interfering with the website's functionality or user experience.


🚀 Features::::
1. Zero-Footprint Integration: Does not produce output, modify headers, or change global variables ($_GET, $_POST, etc.).
2. SQL Injection Detection: Identifies common SQL keywords and syntax patterns (e.g., UNION, SELECT, --).
3. XSS Detection: Monitors for script tags, JavaScript protocols, and malicious event handlers.
4. Directory Traversal: Detects attempts to access parent directories using ../.
5. Bot/Scanner Detection: Flags suspicious User-Agents like sqlmap, nikto, and nmap.
6. Rate Limiting: Monitors request frequency to identify potential brute-force or DoS attempts.
7. Sensitive File Protection: Logs attempts to access critical files like .env or config.php.
8. Silent Logging: Appends threat data to a local text file; fails silently if the file is unwritable.
9. Email Alerts: Optional integration via PHP mail() for immediate threat notification.