This is a security extension that keeps track of any preexisting <scripts> in your database tables, if any.
It contains a CLI command to be run via cron. If any changes are detected (either a new script is added or an
existing script is modified), then you will be alerted via email.
- Set up email configuration in Admin -> STORES -> Configuration -> GENERAL -> Store Email Addresses -> Security Scan Emails
- Sender Name
- Sender Email
- Recipient Email
- Verify that you have no malware or malicious scripts in the following database tables:
cms_block:valuecms_page:contentcore_config_data:content,layout_update_xml
- Run the following command to write the script status config to
var/scan:bin/magento holdenovi:scan:database --set-status
- Set the following command to run via cron on any schedule you wish:
bin/magento holdenovi:scan:database
- This extension will not notify you in any of the following conditions:
- A script is removed from your tables.
- The order of unmodified scripts is changed.
- If you remove any malware, then you will have to reset the status by running the command with the
--set-statusflag. - If you use Capistrano, add the
var/scanfolder to your shared directories, otherwise, your status file will lost in subsequent deployments.
- New record:
- New table
- Existing table, new key
- Existing table, existing key, new column
- Modified record:
- Add new script to existing field
- Modify script in field
- Add feature to allow additional (custom) table configs.