Last active
April 23, 2024 15:47
-
-
Save CapWebSolutions/99a3eb5897a7e21a1643ca426e0f1573 to your computer and use it in GitHub Desktop.
Latest iteration of security scanning script for MainWP instance.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # This script is executed from a terminal prompt at the root of your MainWP WordPress website. | |
| # It uses the same services as WP CLI, so if WP CLI runs, this should also. | |
| # | |
| # Execute MainWP CLI command to generate a list of all configured sites in MainWP | |
| # Pipe output through filter to remove columns 3 and 4 of output. These columns hold the 2 digit site number. Adjust if more than 99 sites. | |
| # Pipe that output to get rid of the comment lines in the site listing. | |
| # Pipe that output through the SED editor inserting the security scan command at the beginning of the line | |
| # Send everything to a shell script to be executed. | |
| cd /var/www/capwebwpcare.com/htdocs | |
| NOW=$(date +%Y%m%d%H%M%S) | |
| LOG_FILE=../logs/${NOW}_sec-scan.log | |
| CURRENT_LOG_FILE=../logs/current_sec-scan.log | |
| AUTO_SH=${NOW}_sec-scan-auto.sh | |
| AUTO_SH_ROOT=${NOW}_sec-scan-root-auto.sh | |
| # Get rid of old existing log files & auto gen'ed scripts. | |
| rm -f ../logs/$(date +%Y%m%d* --date='1 week ago')_sec-scan.log | |
| rm -f ../logs/$(date +%Y%m%d* --date='1 week ago')_sec-scan-auto.sh | |
| #rm -f ../logs/*_sec-scan.log | |
| #rm -f ./*_sec-scan-auto.sh | |
| #rm -f ./*_sec-scan-root-auto.sh | |
| rm -f ${CURRENT_LOG_FILE} | |
| # | |
| gp wp capwebwpcare.com mainwp sites | cut -c3-4 | grep -E '([0-9]|[0-9][0-9])' | sed 's/^/gp wp capwebwpcare.com mainwp-sucuri scan /' > ./${AUTO_SH} | |
| # | |
| # Make the newly created shell script executable. | |
| chmod +x ./${AUTO_SH} | |
| # | |
| # Dump it out to verify. | |
| cat ./${AUTO_SH} | sed 's/$/ --allow-root/' > ./${AUTO_SH_ROOT} | |
| chmod +x ./${AUTO_SH_ROOT} | |
| # | |
| # Add timestamp inside log file | |
| date >> ./${LOG_FILE} | |
| # dump out the generated script to the log | |
| cat ./${AUTO_SH_ROOT} >> ./${LOG_FILE} | |
| # | |
| # Run the shell script and watch the progress. | |
| # Pipe the output the terminal and append to log file to keep track of results. | |
| ./${AUTO_SH_ROOT} | tee -a ./${LOG_FILE} | |
| # | |
| # Save this log file as 'current' | |
| cp ${LOG_FILE} ${CURRENT_LOG_FILE} | |
| cat ${CURRENT_LOG_FILE} | grep 'Warnings' |
Author
Hey forgetwp,
Thanks. Yes, you can include the security scans in the pro reports. I use the pro-report-basic that is included to generate the attached report page.
Ahh, true. It is also included on PRO reports under Security.
I missed it because I was looking for some sort of Sucuri branded green check boxes, etc. :)
Thanks for your help.
Thanks so much for sharing this!
Does anyone know what the output would contain if something was wrong? For example, a site were blacklisted or there was malware?
I'm looking to have the script send a different email if a string of text is detected to indicate an issue, but I'm not really sure what string to search for since I haven't had this happen yet.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Awesome work! Exactly what I was looking for!
Do you guys know if there is a way to include Sucuri scans on PRO reports?