How to add the Sansec security scanner (ecomscan) to your site. This scanner will identify malware.
NB You will need a license key, which can be obtained by purchasing their product. (Sansec Scanner)
There are multiple ways to implement the scanner, the instructions given here work but you may change if you wish. Original scanner settings can be seen here: Ecomscan Getting Started.
- Create a new instance
- From the
htdocsdirectory run:curl https://ecomscan.com/downloads/linux-amd64/ecomscan -o bin/ecomscan chmod a+x bin/ecomscan- Validate that the scanner runs:
/home/magento/htdocs/bin/ecomscan --key=YOUR_KEY --report=YOUR_EMAIL /home/magento/htdocs
(NB when running the scanner manually via SSH it will always report a missing crontab, as the cron process runs in it's own container. This will not be case when finally configured) - Add the file
bin/ecomscanto source control and perform a release. (zero downtime) - Once live add the following to your cron configuration within MDOQ
User: Magento
Cron Expression:7 * * * *
Command:/home/magento/htdocs/bin/ecomscan --monitor=EMAIL1,EMAIL2 --key=LICENSE_KEY /home/magento/htdocs
And save. - Select Sync -> Select Components to Sync
Click: "Show More"
Check "Cron"
Click "Enable Advanced Mode"
Check "Only synchronize selected components"
Click: "Synchronize"
(This will update the crontab without downtime to the site)