Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

check_wp

Current Version
0.1
Last Release Date
2012-09-06
Compatible With
  • Nagios 3.x
Owner
License
GPL
Hits
53666
Files:
FileDescription
check_wp.shThe checker script
my.cnfThe Mysql profile
Network Monitoring Software - Download Nagios XI
Log Management Software - Nagios Log Server - Download
Netflow Analysis Software - Nagios Network Analyzer - Download
Plugin to check code injection into the Wordpress platform.
The script executes two check:
- compute an hash value for the Wordpress installation directory and
compare it with a given hash file,
- if the check is ok, compute an hash for each page in posts table and
compare it with an other given hash file

The plugin, using the opportune flag, creates also the hash files requested.

It use the md5deep as external program (install it before run the script).
Moreover the script require that the check, the database of the Wordpress instance and its site (apache) runs to the same server.

This script has been designed and written on Unix platform and tested only on Ubuntu distribution

Installation
1) Install the md5deep program (apt-get install md5deep)
2) Copy the shell script to libexec nagios directory
3) Rename the Mysql profile into ".my.cnf" and put it into the home of the user that run the check process
4) Modify the Mysql profile with the user and password used to connect to the Wordpress database

In my environment, I use the check with NRPE. The Mysql profile is in the home of root user and the NRPE command (nrpe.cfg) is defined by

command[check_business_lago_it]=sudo /usr/local/nagios/libexec/check_wp.sh -dh [Worpress home] -fh [filesystem file hash] -bh [database file hash] -db [Worpress database name]