
Cloud service for monitoring website file integrity


Imagine that strangers get into your home, use your refrigerator, stick advertisements on your windows, bring their friends over as if to a brothel, and you are none the wiser. Impossible, you say? Yet this often happens to the owners of web sites and hosting accounts.

Do we have information about logins via SSH and FTP? A backdoor uploaded to a site can do its dirty work before it is noticed. Or take rogue links attached to images: they will make themselves known only through the loss of search positions. Do you know which files the hired programmer edited?

It seems I am overdoing it with the horror stories, and this is far from everything... When I, while working in a small SEO business, thought over security issues and realized the urgency and scale of the problem, I first created for myself a simple tool for controlling the integrity of files that the owner of a shared (virtual) hosting account could use (because there are a lot of satellite sites on such hosting), and then gradually brought it to the level of the iFube cloud file integrity monitoring service, the beta version of which I present to your attention.

What is good about the cloud approach here? Easy installation, of course, and the fact that the data cannot be compromised on a hacked server.

To get the MD5 hash or the modification time (configurable) of files, a special Agent script is used. I approached the question of its reliability and safety seriously. The script has a random name and first checks a special key parameter. Its capabilities are strictly limited and it does not allow any other use (if you find vulnerabilities, please send them by private message).

The agent script, in addition to data on the integrity of files, can also return a lot of other useful information; at the moment this is the output of the vmstat, uptime and who commands. This gives us information about CPU usage, memory usage, I/O and SSH users. Also, when CPU load above the critical level is detected, the processes that load the CPU the most are recorded (in development). And since we are calling a script on the site anyway, why not also measure the request time and check for the presence or absence of a keyword (the latter at an address given by the user)?

Thus, we have the following types of monitoring:


The user receives alerts about critical events in the service's inbox (available in the Alerta menu), via e-mail and via SMS; all of this is configurable, both by event type and by site. Visual graphs are also available, for example a system load graph or an availability (uptime) graph.

Today the iFube service is running in beta-testing mode and is free to use (except for SMS): registration.

Near-term directions for the service's development:




And now a little story about the creation of the project. As I already wrote, I created the project personally, in parallel with a small business and occasional freelancing. It took more than a year. Also, in parallel, a framework was developed, with which several sites have already been created and which seems to me quite comfortable. The framework (it has to be given a name after all: Benyx) is still not well documented, but it will also be presented.

For now I'll just say that it combines configuration via YAML files, HAML prototyping, the PHP ActiveRecord ORM, and also (oh, I understand this is a controversial idea) an extension of REST to requests such as, for example:
KISS /girl/$id

instead of
POST /girl/$id?do=kiss

And yes, in the view file we write
html::link("+kiss /girl/$id", "Smack")

(What is the plus sign at the beginning for? Well, it means: open in a new window!)

What can I say about the experience of developing a fairly large project on my own? First of all, that it is possible, but not quickly. Keep in mind that there is no boss above you, who receives, as I have come to understand, a quite well-deserved salary for motivating employees. When embarking on a large project, it would be good to have a reserve of funds that will let you get by during the development time, and that time usually drags on.

Now I understand that it would have been better to first develop some kind of "pop" project that would provide a livelihood and would not take a lot of time, and only then devote myself to serious business. In principle, I almost succeeded.

Source: https://habr.com/ru/post/240641/

