Changes between Version 4 and Version 5 of web-app-security

Timestamp:

Oct 1, 2017, 6:45:56 PM (8 years ago)

Author:

Jamie McClelland

Comment:

--

web-app-security

@@ -1 +1 @@
 = Web Application Security =
+
+== Control Panel Installation ==
+
+Enable control panel installation of WordPress and Drupal via control panel. This step helps us keep track of which sites are running Drupal and WordPress so we can properly upgrade them and check them for compromises.
+
+We currently allow for Drupal 7 installation via the Control panel, but not Drupal 8 (see #11601) 
+
+WordPress is almost ready (  )
+
+== General web app maintenance ==
+
+The script `mf-check-web-app` automates the maintenance of Drupal and WordPress sites on our servers.
+
+Usage is:
+
+{{{
+Usage
+
+/usr/local/bin/mf-check-web-app --path [PATH]  --action [ACTION] --quiet
+ 
+ PATH
+   
+   auto - check all directories on the server based on web-app-security directory files
+     otherwise, only check the single path provided
+   default is current working directory
+ 
+ ACTION
+  
+  integrity - check file integrity
+  core - means upgrade just core
+  plugins - upgrade just third party plugins, modules and themes
+  auto - do whatever is defined in the web-app-security directory
+  default is integrity
+ 
+ QUIET
+
+Output nothing. Check logs.
+}}}
+
+It lives in /usr/local/bin and can be run as root (in which case it drops privileges to the owner of the Drupal or Wordpress site) or as the user that owns the site.
+
+The default action (when run with no arguments) is to run an integrity check on the current workding directory.
+
+When operating in "auto" mode, it finds web apps by searching for the files `/home/members/*/sites/*/.red/web-app-security/{drupal,wordpress}-{core,plugins,integrity}`.
+
+If it finds files, it runs according to the file included. 
 
 == Monitoring of compromised sites ==
 
-[In process, see #13159]
+The monitor script mf-monitor-webapps executes the script mf-check-web-app and triggers a Nagios warning if it finds any web app sites that fail the test.
 
-The monitor script mf-monitor-webapps executes the script mf-check-webapps and triggers a Nagios warning if it finds any web app sites that fail the test.
-
-== Search server for compromised sites ==
-
-The script `mf-check-webapps` searches the given server for any web app that has been compromised.
-
-It finds web apps by searching for the files `/home/members/*/sites/*/.red/web-app-security/{drupal,wordpress}-core`.
-
-If it finds either file, it runs a check to see if the specified web app has been compromised.
-
-In normal mode, it outputs each site that has checked and the status of the site. In quiet mode, this output is supressed.
-
-Once the run is complete, it either:
-
- * Returns no output and the exit code 0 to indicate that no sites show signs of compromise
- * One line with a comma separate list of site names that are compromised and the exit code 1 to indicate a compromise
- * Error output and the exit code 255 to indicate an error prevented the script from running properly.
-
-== Control Panel Installation ==
-
-Enable control panel installation of WordPress and Drupal via control panel.
+In process, see #13159.
 
 == Auto Upgrades ==
-[NOTE: Not yet implemented, still under development.]
+
+See #11405.
 
 May First/People Link provides a service to automatically provide security updates to your web applications. If you opt-in, your web application will be checked every night to see if any security updates are available and, if so, they will be installed.
@@ -48 +75 @@
 To indicate that you want to have your web application automatically upgraded, please create a file or files with the following names to indicate what you want upgraded.
 
+ * drupal-integrity
  * drupal-core
  * drupal-modules
 
+ * wordpress-integrity
  * wordpress-core
  * wordpress-plugins
@@ -91 +120 @@
 
 == Open Tickets tagged `web-app-security` ==
+
 [[TicketQuery(format=table,status=new|assigned,keywords=~web-app-security)]]