File monitoring tutorial

Operation and maintenance scenarios:
Anyone who has worked in operations and maintenance has probably run into files that were maliciously modified, with no way to find out who modified them, when, what content was changed, or whether they can be restored to their original state. Faced with these fatal questions, the ops engineer is left speechless. Ops takes the blame!
If you made a backup, you can restore from the backup file, but are the backed-up files complete? Ops takes the blame again, for not verifying the integrity of the backup file.
Solution:
As we all know, Baota Panel is a technology company working in the fields of operations and maintenance and security. It has now launched a file monitoring plug-in that can:
1. Monitor file creation, deletion, modification, and movement, tracking file activity in real time.
2. Scan newly created and modified files for Trojans at the moment they are created or modified, nipping Trojans in the bud.
3. Back up modified files so that the normal file contents can be restored quickly.
4. Send alarm notifications by email, DingTalk, and Enterprise WeChat, so that abnormal file activity is monitored and the person in charge is notified promptly.

 

The following is a detailed tutorial:
Tutorial environment:
Operating system: Debian10 x86_64
Panel version: 7.9.37 (test version)
Plug-in: File monitoring 1.1

There are three categories:
    1. Monitoring list
    2. Service status
    3. Operation log

 

1. Monitoring list:
1. Create a monitoring directory:

Create a new file named dapaoaa.php, then write the following to it:

<?php
    echo "Hello World<br />";
?>



Check the monitoring directory log information:

2. Delete this file and use historical file recovery in file management (note that this function requires the recycle bin function to be turned on).

The recovered files will be returned to the original file directory.


3. Recover after modifying the file content.
After modifying the file content, if you find that the modification was wrong, you can use the historical version of the file to restore it.
Modify the file content:

View the saved historical version of the file:


You can click the Open button to view the content of the file before modification and restore it.
As shown in the figure, restore to the content before modification:

Exclusion function:
If every file is backed up, the server's disk may run out of space. We can exclude items from backup by file type and by folder name.

Test excluding a file type, using the txt format.
Return to the root directory of the website and create a file in txt format.

Open the log and confirm that the file is not recorded. Then remove the txt exclusion and add content to the file; this time it is recorded.


Exclude folders
Files in excluded folders will no longer be monitored.
Alarm notification:
Add message channel tutorial: Add tutorial
Open the panel homepage, then Panel settings, then Notification settings.

I will use DingTalk as an example:


After modifying the content, DingTalk will immediately notify you with a message.

Anti-virus test:
Modify the original file into a Trojan file, save it, and view the log:

Open DingTalk and receive an alert.

2. Service status.
You can stop or restart the current file monitoring service.

3. Operation log:
Displays records of file monitoring operations, such as modified files and the file monitoring service status.

Notes:
1. Before turning on file monitoring, first turn on the recycle bin. Without the recycle bin, deleted files cannot be restored from it.
2. The following are not backed up:
         empty folders,
         files larger than 3M,
         files with the same content as the last backup,
         files or folder names in the exclusion list

3. If the modification option is not turned on, the anti-virus and backup functions do not take effect.
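
The following added example is not the plug-in's code: it applies the skip rules from the notes above (and the file-type exclusion from the exclusion section), then verifies every backup copy by hash, which is the integrity check the introduction asks about. The function names, the reading of "3M" as 3 MiB, and the use of SHA-256 are assumptions.

```python
import hashlib
import os
import shutil

MAX_BACKUP_BYTES = 3 * 1024 * 1024  # assumption: the notes' "3M" read as 3 MiB


def sha256_of(path):
    """Hash a file in chunks so it is never loaded into memory whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def skip_reason(root, path, last_hashes, excluded_exts=(), excluded_names=()):
    """Return why `path` would not be backed up, or None if it should be."""
    rel = os.path.relpath(path, root)
    if set(rel.split(os.sep)) & set(excluded_names):
        return "name in exclusion list"
    if os.path.splitext(rel)[1].lower() in excluded_exts:
        return "file type in exclusion list"
    if os.path.isdir(path):
        return None if os.listdir(path) else "empty folder"
    if os.path.getsize(path) > MAX_BACKUP_BYTES:
        return "larger than 3M"
    if last_hashes.get(rel) == sha256_of(path):
        return "same content as last backup"
    return None


def back_up(root, path, backup_dir, last_hashes, **exclusions):
    """Copy a changed file to backup_dir; return (backup_path, skip_reason)."""
    reason = skip_reason(root, path, last_hashes, **exclusions)
    if reason or os.path.isdir(path):
        return None, reason or "folder (its files are backed up one by one)"
    rel = os.path.relpath(path, root)
    digest = sha256_of(path)
    os.makedirs(backup_dir, exist_ok=True)
    # Prefix the copy with part of its hash so each version gets its own file.
    dest = os.path.join(backup_dir, digest[:12] + "_" + os.path.basename(rel))
    shutil.copy2(path, dest)
    if sha256_of(dest) != digest:  # verify the backup instead of trusting it
        os.remove(dest)
        raise IOError("backup of %s failed verification" % rel)
    last_hashes[rel] = digest
    return dest, None
```

Keep `backup_dir` outside the monitored root, otherwise every backup copy would itself register as a newly created file.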

 
Baota 724 Operation and Maintenance Festival: There is a group of people who are on call 24 hours a day, 7 days a week. To show gratitude to these silently dedicated operation and maintenance people, July 24th is designated as the Operation and Maintenance Festival every year. May there be no blame in the world, and code without bugs.

 

 

 


Origin blog.csdn.net/u011630259/article/details/125940383