Watchdog for WHMCS - Detect Compromised Files, Intruders
We're pleased to announce we're working on releasing our second free module for WHMCS. In case you missed the first, it's named Plesk Checker. It lets you quickly identify problems in the integration between WHMCS and Plesk.
This time we want to open source a script we used internally for years to help our customers to fix compromised installations of WHMCS. Here is the dashboard (click to enlarge).
The script performs file system integrity checks to detect:
- Compromised files that could potentially threaten your core install (eg. malwares, files with injections)
- Intruders. Unknown files that require your attention as they could be legitimate scripts of backdoors
- Missing files that could cause unexpected errors
- Anomalous and suspicious files buried deep within directories
You can inspect all findings to take the appropriate actions but the module can also be configured to automatically deal with such files.
The module verifies checksums of all .php files and performs checks every X hours. When a compromised file is detected, optionally the module can automatically take any of the following actions.
- Neutralize file so that it can't be used to harm your system (quarantine)
- Send notifications to selected administrators
All settings can be changed from the following simple and intuitive interface.
Please keep in mind that the module is not ready for use as we're still working on it. It won't take much time since we're "converting" a stand-alone script to make it work as a WHMCS Addon module.
Follow the project on Github to send suggestions and be the first to use it once it will be ready for use!
Looking for other free scripts? Take a look at our huge collection of Action Hooks and Reports for WHMCS.