Sophism

Sophism does not currently provide support for this item.

18 comments found.

Nice start! Do you know when you will have exclude and shell scanner features added? GLWS!

The next update will have excludes by directory and file type, as well as an updated dashboard interface and some extra settings + features. Hopefully it will also include a basic shell scanner, and should be done within the next couple of weeks!

Thanks!

Great! Please let me know when you have added all those features and I will buy it. Thanks.

Hello my friend. What happened to those “many more things” you said (4 months ago) you will be adding/including!?

Hello, There have been some updates already for general usability and customisation. The shell scanner is also completed, which was a very large job, and I’ve also made some big changes to the way the item works. I need to iron out a few small bugs and an update will be ready!

Furthermore, you can also check out the Wordpress plugin version which I have just released if you check my portfolio! If you have any more questions, please feel free to ask.

Hey there, I have just uploaded the update, including the file & code scanner, and it’s awaiting approval! Feel free to check it out using the Live Preview link.

Do you have a screenshot of what the emails look like. Also is there any issues with running this on very large accounts that contain 20+ sites in which I would load the files in the main root to monitor all sites/directors on my hosting account?

Thank you for your prompt reply. So my understanding is that it doesn’t send an email with changes, as of yet, but I would log in if any changes are found in which my dashboard would show all files that have been: Added, Deleted or Changed? I searched for “File monitoring” last night and didn’t see this script but instead found another which I promptly purchased and since then it has failed miserably. Thanks!

Currently the system does email you with an alert that something has been changed as soon as it finds it, but you have to access your dashboard to see details of what happened. Furthermore, scanning can be setup to be completely automated, running every X hours, minutes or seconds depending on what you specify, and alerting you whenever it detects a new or edited file.

Deleted files were purposefully not included as during the testing stage my beta testers indicated that notifications for files they had deleted were more of a nuisance than a benefit. Now that I have also added a Settings page, I would be more than happy to also include an option to enable/disable this feature if you require it.

I can’t comment on other people’s products, but I can assure you Verifile does everything it says on the box and more! If for some reason it doesn’t, I provide extensive support via email to ensure it does!

Thank you. I would have to agree after about the deleted files being a nuisance. A free script I have used for years, which finally stopped working, only emailed me changes which I didn’t mind seeing any deleted files. I just always expected to see an email when upgrading my sites. I do think it would be troublesome from a dashboard prospective. Thank you all your lengthy and detailed Information.

Sent you an email.

Replied!

Hi, I found this in your “index.php”. What about data protection and privacy? <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-62695751-1', 'auto'); ga('send', 'pageview'); </script>

Features: Automated background scanning (yes, that’s true…)

Hello, this is standard Google Analytics code that were in the demo in order to view basic page view information. It was not supposed to be in the final code. There are no issues with data protection and/or privacy, as it doesn’t report on any of the content held within the page. Please feel free to remove it or use the updated code when it’s verified. Thanks for pointing this out!

Hi there, I sent you an email. Please check it out and let me know :) Thank you.

Hey! Please check your spam folder, I sent a reply a couple of hours ago! I’ll re-send the email now

Hello! Dear tech support, prompt, the system can be installed only in the directory where it is necessary to monitor changes? Is it possible that the system was installed on a subdomain and was controlled by changing the domain name?

OK.

Sent a letter

Just saw it, sending a reply now! Please check your spam folder in 20 – 30 minutes if you haven’t received anything!

I uploaded the files to the server, then when i go to the site it’s a blank page not installation page or anything. How do i fix this?

Hello,

Once you’ve uploaded the files please go to the directory you uploaded them to, and add install.php on the end of the link. e.g. example.com/verifile/install.php

Do I have to add cronCheck.php to cron jobs ? Documentation do not mention it.

Yes that is correct!

Thanks.

Hello I bought verifile, but I can not make it to work. I did like in the documentation, but it keep loading very hard – it took 3-4 minutes untill the dashboard, and I don’t receive any emails. I did: - delete a folder and file - upload a folder and file - edit a file

And many other operations, but ..I don’t get any email telling me that something changed.

Beside, the customer support is zero. I get no answer, a few days already. Please assist Thank you

I have no emails. I check all my folders.

I wrote you an email to a**b@pr*fresh.net Please verify it.

Hello, I believe you may be having some issues on your side, as I have also used another email account and Envato’s PM system to try and get into contact with you! Also, I am receiving your emails!

I havent receive anything. My email works fine. Please help me with this to make it work… Thank you Try to my other email: ride2esc [@] yahoo.com

I’ve re-sent the email to your two email addresses, and via the comment section. If this doesn’t work I’ll contact envato to handle a refund.

Hi; The folders added to the list scanned recursively? And where/how does it keep the settings and scan results? A mysql db or flatfiles? Hope flat files in sense of backup/restore easily.

There is a button at the bottom you can click that goes to a page, which shows you an in-depth analysis of the file. It is explained in the documentation, but it isn’t too obvious – something that will be changed in the next update. In terms of deleting the file, a feature such as that requires a huge amount of security & accuracy testing in order to ensure it works correctly, so we decided to keep it for the next update too. The “Scan Results” page will be focused on heavily, as the main focus for this update was the dashboard page as well as the general GUI & UX. Thank you for your great insight, comments like this are exactly what helps make Verifile an even better product!

I checked the link, now I realized about it :) It’s fine to see detailed report about infected files, but doesn’t cover the vital needs.

Actually; There are tons of bloatware and subscription services for newbies. Automated stuffs. But real sense of security is a bit different. Nice that you are offering a self managed script. But also seems to offer some fancy stuff. What I can say is, no need to follow their ways. Doing the best in this field is so easy.

There is no software on planet earth can report about malwares accurately relying on signature patterns or heuristic (code analysis) scan. If somebody can intrude my servers, means he/she is not a newbie and absolutely will not use a script with a known pattern.

The only (known) aproach can promise nearly %100 over files security is filesystem monitoring. As your software but it needs to report about;
  • Any new file
  • Any modified file
  • Any deleted file (because they can delete files to break security mechanisms)
and if there are from those;
  • New files path and creation date/time
  • Modified files path and modify date/time
  • Deleted files path (where they should be)
Date and times are not trusty but helpful in most of the times.

This is the minimum aproach for the needs. Right closed to the minimum need is the option to delete files. It’s just a command and a button assigned to it. Dont think that you will need to deal with tons of security measures. Securing a website with chmod’s is actually dead since new scripts are made of thousands of files and a few hundreds of directories. Just rely on suPHP, delete means simply delete ;)

Weak points and possible security leaks;
  • After a server breached and become accessible, sure they can modify the security scripts to become useless. Or better than it, they can modify code to report server as clean.
  • But nobody will spent time to do those since nearly all the software vendors do the same mistake. Mistake? To keep the scan logs in the same server they want to protect. So, since you have a file access, just add a line to current files list and declerate your mailicious shell like it already exists (like not new) :)
Performance issues;
  • Scanning a server will cause a terrible disk IO bottleneck, obvious. But nice part is disk IO’s are not densitively monitored by datacenters. Rather they follow up CPU & RAM. But this is the case between you and datacenter if you are on a shared hosting. VPS, Dedicated no matter at all. But perfomance is an issue expecially on a fileserver and the security software must to let user to create some proflies and run them seperately. Not a scan button which will start to read all file system until a possible execution timeout or several minutes of disk bottleneck.
  • CPU usage. Well it sounds as “trivial” for a hash algoritm. But when it comes to server management, trivial is also something. There is a mis-understanding on security levels of hash algorithms. All those depending on different fields of usage. For example MD5 is not a safe algoritm for cryptographical communication, since it can have collisions. Collision is not something you can face on file monitoring. It is something you need a few of supercomputers and a plenty of time to cath one. After you can abuse it on a encrypted communication. But not on a file monitor. No no no…

So, if you used SHA like many new scripts (making the same mistake), suggest to turn back to MD5 since it’s weak points are not a mater for an integrity checker. Nobody on planet can invest million dolars and maybe a year to just find a collusion between a legit file and a shell. With that investment you can simply buy all the websites you decided to hack :)

Ah sorry to not forget, why Md5? Because it is way faster than SHA and it’s modules in softwares are always optimized in best due to popularity. And another note, not for integrity monitor but, for other usages, if you will look for a secure hash algorithm; This is not SHA, never will be. Think of whirlpool nowadays. Well after all of those, what I can suggest for a really useful and secure script are;
  • Keep it in a centralized place to scan files out of it’s area. Like to keep it in a maindomain.com and be able to scan mysite.com myblog.org from there. How:Simple, get the FTP datas of the sites to scan, upload the scanner and command it to run, after scan finishes, scanner will command back to mainserver to take scanlogs from there and even delete the scanlogs and scanner script from destination. I’m densitively busy over security infrastructures. What I can say is, this is the easiest way to overcome all risks. And I’m not a programmer but what I know so far is; Just give me an optimized code of scanner, I can code the the FTP send, scan and take back part easily. And sure without using a framework. They are killer of security :) Doing this aproach is not a big deal, really.

And a few additional suggestions; Let me share you a few samples which I’m not interested due to lacking points.

SSAM: http://goo.gl/oLhYPc Pros: Access over FTP and even multisite.Some extra options etc. Cons: Try to scan over FTP also :) (as far as I see). And usage (not interface) so complicated. Jumping from a screen to other with bugs. Uses MySql for nothing (just for a kilobyte of settings)

PbMonitor: http://goo.gl/9DFKAb (Former codecanyon item. But no more in sales and author is not accessible) Pros: Except of FTP access and delete option, have everything in need. Good options and useful interface. A good example of a file monitor. FTP no matter for me, I can reach all accounts centralized, but for shared host users it is not possible. Cons: No FTP, no author around, no more in codecanyon. Looks like what there is left is just it’s demo :)

SuperScan: http://goo.gl/FsA5Kr (didn’t tested yet)

And some other can be used with parameters but functions so limited 1. http://goo.gl/xiSeO6 2. http://goo.gl/JHK72g 3. http://goo.gl/GNE68W

Finally, I didn’t include here any executable based softwares. What we discuss in here are the scrips. And what is useful and portable are also scripts.

All bests

Once again, thank you very much for taking the time to write such a detailed comment! You raise some very interesting and valid points. The “virus” (web shell) scanner simply handles the well known threats, that most low level attackers would use, such as C99/C100, r57 etc. I could have created a much bigger database, but as you said, there would be no point in that as unknown shells would not appear.

So the other option is filesystem monitoring – a great alternative, but very resource intensive. Currently the system reports on new, modified and dangerous files. In the past, it reported on deleted files too, however this was more of a nuisance to most users than a positive feature. The difficulty is creating a system that can scan on a very regular basis without making a noticeable impact on the speed of a client’s server. Currently the Verifile team is looking into a way of doing this, which should be included in the next update. In terms of deletion security, what I was trying to say is that I don’t want to give a malicious user a way to wipe out files using my script! Due to this, a lot of in-depth testing needs to occur!

In regards to an attacker modifying the script – you have much bigger problems than this not working if they’re advanced enough to be able to re-code it and modify the scan results! More than likely the attacker will be extremely capable, with a lot of resources at their disposal.

Your proposed FTP feature is a great idea – please feel free to contact me via the contact form on my profile if you would like to discuss it further! You have to keep in mind this script is still in it’s early stages. I’m finally happy with how it looks, but I have so many features I want to include that I simply have not had the time to implement yet! Over the next coming months, I will be rolling out what I believe to be some features that will make Verifile the industry’s leader!

Again, thank you for taking the time and effort to give me your input, it’s extremely valuable to hear other people’s opinions, and it really helps me understand what changes need to be made!

Hello. Does this plugin detect or clean malicious code that can possibly be inside any of the website files, even those before the install of your plugin?

Hi there!

The plugin actively scans whatever files are currently in the directories you want to monitor. This includes anything uploaded before the plugin was installed, as well as anything else that is uploaded at a later stage. If you have any more questions, please do not hesitate to ask!

DS01

DS01 Purchased

Hello

I have reinstalled the latest version. I am getting message inside the dashboard: The following directories can’t be scanned:

I suppose where the problem is, but need a confirmation from the author:

Does verifile needs to be installed individually for each virtual host on my server or can it check all virtualhosts on the server? since all virtualhosts have their separate folders.

Please confirm

Hello,

In regards to your questions, you can do both! There is an option on the dashboard to run a scan whenever you want, and there is also an automated system that can be setup with CRON jobs. There is a basic explanation in the documentation on how to do this, but if you need any help with the process please let me know! You are also correct in assuming that any lower directories are also scanned. If you have any more questions, please do not hesitate to ask!

DS01

DS01 Purchased

Thanks for the response. 2 more questions:

1. Why do i always see on the dashboard: “Last Scan 01/01/1970 00:00:00”

2. Upon running the scan i don’t get any notification – scan completed or finished for eg. and inside the scan reports screen always shows “No infected or unknown files found!”

Hi again,

The first issue is caused because the scan is not being completed. Please ensure you are not leaving the page before you receive a message notifying you the scan has finished. The second issue is due to the first problem – if the scan is not completed there won’t be any results!

Hi your script look great, are you planning to add new update soon? also are you planning to add XSS/SQLi protection or more security modules? regards.

Hi there, we’re currently finalising an API system for a whole range of new features, so this one is taking quite a while! This script aims to monitor and secure your server environment, and so does not actively interact with your files in that way. Although SQLi / XSS protection is not going to be featured in the next update, I can discuss it with the team and update you! The next update will focus on making it much easier for a novice user to identify threats, as well as file submissions and updates to make the script even more automated. If you have any more questions, please feel free to ask!

Ok great to know that, so there will be more updates, thats great, yeah this script seems great to protect Wordpress it get hacked all the time with new files, so this script works with all php script right?

Yes that is correct, we also have a plugin specifically made for Wordpress, however that has not been updated to the latest version just yet. Once this next update is implemented, we will be concentrating on the plugin version!

I send you an email, need help with the script, I got some warning after install :(

Ok I see, well I try with the main public_html but the same, I got the warning in the dashboard, can you please try to configure it with another folder and try if works, I miss something on how to configure it, that domain was hacked with some infected files it was wordpress, but the host provider quarentine all, so I restore the files and need to scan to see which files are infected, regards

I’ve now added a second directory – the issue was the user’s permissions again. If you have been hacked, I would definitely propose you start fresh again, meaning completely re-install Wordpress and ensure it is up to date, otherwise the hacker can exploit your site in exactly the same way!

Ok I see, so it was permissions, I will install it in another domain to make test, and yes I will start over but I wanted to test your script in this installation to see if it detects the new files that are infected, I will make another test, regards.

Support opencart?

This is a standalone (it runs by itself) script, so yes, although it doesn’t integrate directly into it.

Hi, i cant get your script working, PHP 5.6 tons of error and warnings like this ones:

2017/10/14 18:03:05 [error] 29772#0: *97 FastCGI sent in stderr: “PHP message: PHP Notice: Undefined index: exclude_dirs in /home/xxxx/public_html/verifile/settings.php on line 229” while reading response header from upstream, client: xxx.xxx.xxx.xxx, server: xxxx.com

2017/10/14 18:03:55 [error] 29772#0: *97 FastCGI sent in stderr: “PHP message: PHP Warning: preg_match_all(): Compilation failed: missing ) at offset 15 in /home/xxxx/public_html/verifile/includes/scanner.php on line 31

PHP message: PHP Warning: preg_match_all(): Compilation failed: missing ) at offset 17 in /home/xxxx/public_html/verifile/includes/scanner.php on line 31

2017/10/14 18:03:55 [error] 29772#0: *97 FastCGI sent in stderr: “n failed: missing ) at offset 147 in /home/xxxx/public_html/verifile/includes/scanner.php on line 31

Hi there, can you please send me a message via the PM system with this information?

by
by
by
by
by
by