# Block direct access to post.php except from your own domain <Files "post.php"> Order Deny,Allow Deny from all Allow from 127.0.0.1 Allow from your-monitoring-ip </Files>

Basic scripts like the one above are easy for security scanners to detect. Modern phishing kits include more sophisticated code.

These lines log the victim’s IP address and browser user agent. This serves two purposes for the attacker: