The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Find old scripts on server

Discussion in 'Security' started by bettinz, May 28, 2013.

  1. bettinz

    bettinz Member

    Joined:
    Jun 17, 2011
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Hello, i've search on the forums, but without results :(

    I'm looking for a system that keep me informed on who have an outdated version of scripts in their public_html; for example, if user A have Joomla 1.5.25, with security trouble, i want to be notified, and eventually, after X days, put down the website.

    I think it's important, today, with CMS everywhere, and with bugged components for Joomla or plugins for wordpress (for example), find a way to keep everything updated.

    I've found LMD and CXS, but i think they found only "real" malware, and not bugged scripts (like old versions of plugins or wordpress). I've also found Old Script Finder - scan your servers for old, out of date perl/PHP scripts. but I can't understand if it's really maintained.

    Anyone have this problem? How have you solved? I already use a "cage" system, so every website is isolated, but I want to prevent, if possible ;)
     
  2. faisikhan

    faisikhan Well-Known Member

    Joined:
    Dec 12, 2011
    Messages:
    88
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Islamabad, Pakistan
    cPanel Access Level:
    Root Administrator
    Your idea is great to protect our sites from getting hacked and also preventing them from attacks but that needs to have some scripts written in any programming language like Perl or python checking the plugins or patches regularly and update the admin via an email about the upgrade etc. I'll also search and sort out for any suitable solution & will try to post here on the same thread if I get one.
     
  3. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    346
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    I'm unsure how many 'in house cooked' (or half baked) solutions for this requirement are floating about, but if you're using it it's possible to add checks for out dated scripts to ossec and a while back a few such rules were added

    Detecting outdated (web) applications with OSSEC | Daniel Cid

    The approach taken by old script finder (looking in document roots by examining httpd.conf) is interesting, but that site does look rather neglected doesn't it, I've dropped them a line to enquire
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    If you are unable to find a viable script to meet those requirements, our application catalog provides a list of third-party developers that you can consult with:

    Development Services

    Thank you.
     
Loading...

Share This Page