is there a free security audit tool for LAMP server - a tool


Postby unleash_it » 19. January 2020 22:19

hello dear Community, good day dear experts,


the topic today: Free security audit tool for LAMP server?


If you are running websites on a dedicated LAMP server (e.g. Ubuntu or some other systems) with several Drupal and WordPress and
probably Joomla installations on it, you probably thought of a security audit tool for this LAMP server?

question; Is there a free tool, which could scan my server with all websites and generate automatic reports about discovered security vulnerabilities?

thesis: Prevention is much much better than cure. therefore we need to start with the prevention-steps first.

first: malicious hackers typically try to find vulnerabilities and security weaknesses on our WordPress websites.

They use automated software and scripts to do these kinds of jobs. We have the options to prevent them doing so. We can take steps to avoid the intrusion.

step one: scan the website and detect possible old and vulnerable plugins, themes or WordPress core, or terrible brute force attack on the servers and additionally on the WordPress website

The hackers try to find out weak and broken credentials (and yes: this is pretty important - we need to enforce strong password policies),

step two: try to detect automated WordPress Security Scans: find out what goes on on the webserver.
shed a light on the processes. example: an automated scanner can send thousands and thousands of HTTP requests.
All of these mentioned requests are aimed only by one goal. They try to exploit known vulnerabilities in WordPress.

- in a theme
- in a plugin or somewhere else
- or hence due to bad bad passwords do other harm to the server or the sites.

the above mentioned script can help here: we can use / or create a script that runs periodically - e.g. daily, weekly or so... we have to find out the best intervals or periods (well, the good thing is that we can make use of some so-called cron or some other mechanism), that would checksum all files, and compare the checksums with a previously stored record, then notify you if there are differences.

With such security-steps we can try to protect the wordpress-sites and try to identify insecure WordPress defaults
that could give them some leverage against the server or the website.

conclusion: We need to find security weaknesses that could give the attackers some ideas and further information to help them launch more sophisticated attacks,

among them are:

- store malicious files on your system,
- leftover files,
- database exports - in other words - stolen data from the db and subsequently
- disclosure of important and probably also sensitive information.


so the question is: is there a free security audit tool for LAMP server - a tool that supports the detecting & getting notified of WordPress hack attempts


look forward to a fruitful discussion

regards
Interests: Bikes & steel frames: Linux & SBC https://www.allaboutcircuits.com :: the new knowledge base: AFFiNE: There can be more than Notion and Miro. at affine.pro :: WordPress development - sic: make.wordpress.org/core/
unleash_it
 
Posts: 779
Joined: 10. December 2011 18:32
Operating System: linux opensuse 12.1

Re: is there a free security audit tool for LAMP server - a

Postby nemesis » 20. January 2020 13:02

Ubuntu 18.04 | SMP P3 1.4 GHz | 6 GByte RegECC | 74 GByte Seagate 15k5 system | 3Ware 9550SXU-4LP with 4x 500 GByte Seagate ES2 Raid 10 data | StoreCase DE400 | PX-230A | Intel Pro/1000MT Dual PCI-X
nemesis
AF Moderator
 
Posts: 1044
Joined: 29. December 2002 13:14
Location: Ingolstadt
XAMPP version: depends
Operating System: Linux, BSD, Win, iOS, Android

Re: is there a free security audit tool for LAMP server - a

Postby unleash_it » 20. January 2020 16:15

good day dear Nemesis,

many thanks for the quick answer with the links - thanks for sharing them.


I will have a closer look at all those.

