Forge Home

ispprotect

Install and manage php malware scanner ispprotect.com

11,667 downloads

6,796 latest version

4.5 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.6.2 (latest)
  • 0.6.1
  • 0.6.0
  • 0.5.5
  • 0.5.4
  • 0.5.3
  • 0.5.1
  • 0.5.0
  • 0.4.1
  • 0.4.0
  • 0.3.2
  • 0.3.1
  • 0.3.0
  • 0.2.0
  • 0.1.0
released May 23rd 2017
This version is compatible with:
  • ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'eelcomaljaars-ispprotect', '0.6.2'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add eelcomaljaars-ispprotect
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install eelcomaljaars-ispprotect --version 0.6.2

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

eelcomaljaars/ispprotect — version 0.6.2 May 23rd 2017

ispprotect

Table of Contents

  1. Description
  2. Setup - The basics of getting started with ispprotect
  3. Usage - Configuration options and additional functionality
  4. Reference - An under-the-hood peek at what the module is doing and how
  5. Limitations - OS compatibility, etc.
  6. Development - Guide for contributing to the module

Description

This module installs, configures and schedules the ISPProtect php malware scanner on a node.

The module downloads the package from ispprotect.com or a custom URL. After that, it unpacks and configures the package. Lastly the module schedules auto updates for the scanner and actual scanning of a directory tree.

Setup

What ispprotect affects

This module installs the clamav package by default, you can prevent this by setting the manage_clamav parameter to false.

Beginning with ispprotect

Apart from the mail_recipient parameter, it should be usable using the defaults. For real work you will need a license key, the trail expires after just a number of tries.

Usage

class { 'ispprotect':
  mail_recipient => 'you@example.com',
  scan_target => '/var/www/mywebsite',
}

Reference

  • license

The commercial license that was obtained.

  • ensure

Wether to add or remove defined resources. Defaults to present, can be set to absent to remove ISPProtect. Does this on best effort basis, YMMV. Please test this before actually using.

  • basedir

Directory under where to install the payload and helper files.

  • payload_url

Web address where to download the software. Defaults to the ispprotect official website, but may point at an internal distribution server.

  • scan_target

base directory that needs to be scanned using the payload. Defaults to '/var/www/html'

  • manage_clamav

Ensures the package clamav is installed, defaults to true

  • scheduled_scan

Wether or not a cron scheduled scan should be planned. Defaults to true

  • scan_hour

The hour of the day the scan is scheduled to start.

  • scan_minute

The minute the crobjob will start. Please note that default a RANDOM sleep is performed before starting the actual scan.

  • scan_weekday

Day of the week to run the scan, may be a array.

  • may_delay

The maximum number of seconds the start of the scan will be delayed

  • mail_recipient

The email address to sent reports to.

  • email_empty_results

Send a report even when there are no findings. Defaults to false

  • webproxy

Configure a webproxy to connect to ispprotect.com for updates etc. Defaults to undef

  • whitelist_path

Location of the whitelist table / file. Defaults to $basedir/etc/ispp_scan_whitelist

Limitations

Currently only tested on Red Hat Enterprise Linux 7. RHEL6 will be tested soon.

Development

This module is new and a 'early' release. PR for more parameters or support for other OS versions welcome.

Disclaimer

This module is provided as-is. The author is an independant consultant without other ties to ISPProtect than as a user / consumer. Product related questions should be directed at ispprotect.com.