Using grep on .php in the /home/ directory

Since using Cloudflare, I'm getting emails from my site and I can't figure out the origin!

Quick backstory: several years ago I had a script that was constantly being hammered with injection attempts, using a falsified query string. So I set it up to send me an email with the exact query string each time, and then I gave the user a forbidden response code. Eventually I got it all straightened out and removed the bit of code where it emailed the query string to me.

The emails I'm getting now have that same email subject, but the body is blank!

I looked at the PHP script that originally had that, and confirmed that the email code is definitely not there. So now I'm thinking, maybe I uploaded it to one of my other sites and renamed it, and now it's being pinged by the Cloudflare bot?

The only way I know for sure to find out is to use grep to look for the exact email subject across the entire /home/ directory. But, of course, I need it restricted to PHP scripts or it'll spend a week scanning images!

This is the easy part:

grep "Email Subject" /home/*

I'm taking an educated guess that I'd use this to restrict it to PHP:

grep "Email Subject" /home/*.php

Would that delve in to all subdirectories?

# I found an example using {foo,bar} but can't find it in the docs # I'm also using -l in grep now to just show the filename; I don't think -r is necessary if I use find find /home/{foo,bar,lorem,ipsum}/public_html/ -type f -name "*.php" -exec grep -l 'Email Subject' {} \;

Using grep on .php in the /home/ directory

csdude55

phranque

Jonesy

csdude55

phranque

csdude55

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week