MageStack performs a number of different automated audits for security purposes, this includes access, file changes and PHP code differentials. The data is stored in the logs directory for the respective host it applies to.
|Magento vulnerability scanner||
|File change list||
|PHP code differential||
|SSH keys for each user||
|Last SSH logins||
|Current SSH logins||
|-dh[0-9]+ |---access-YYYY-MM-DD.log.gz |---backup-YYYY-MM-DD.log.gz |---magescan-YYYY-MM-DD.log.gz |---php-differential-YYYY-MM-DD.log.gz |-acc[0-9]+ |---access-YYYY-MM-DD.log.gz
A small report is prepared that contains just the important information
- PHP changes
- JS changes
- File changes
- Vulnerability scanner results
You can view this report by logging into your access server via SSH and switch user to
su -l root
Then execute the following command, pressing the space bar to paginate through the results.
log_check.sh | more
You can also send the results direct by email by using your email address as arguments supplied to the script,
log_check.sh firstname.lastname@example.org email@example.com
You can add more email recipients by adding them to the end of the line, separated by a space.
Daily email notification
If you want the mini report to be sent to you each morning as a report, then you can use the built-in notifier to send you an email.
Log into your access server via SSH and switch user to
su -l root
Then edit the
crontab to add another task at 9am daily,
0 9 * * * /microcloud/scripts_ro/log_check.sh firstname.lastname@example.org email@example.com