Answer the question
In order to leave comments, you need to log in
What to use to control the integrity of site files?
The question seems to be rather trivial and the answer to it is most likely git. But still, what is better to use to control the integrity of files on the site, under the following conditions:
1 The site is quite large and users have the right to upload some files.
2 Several developers work with the site, though they work through git, but the changes are uploaded to the working server manually.
3 I would like to receive notifications when files that are uploaded in a non-standard way (email, sms) are changed, as well as approve or reject these changes.
I think, ideally, I would like to make some files work in read-only/execute mode without the ability to correct the rights to them by the user under which the entire site is executed.
I agree that the question is quite extensive and rather for the administrator, but perhaps there is some kind of standard solution and / or manual)
Answer the question
In order to leave comments, you need to log in
Automate the deployment from the git, why do it with your hands. Immediately get a tool to approve / reject changes and minimize "external" changes.
And for integrity control, look towards selinux, auditd and ossec/aide/afik. First, tighten the access policies to the stop, secondly, configure the necessary events, thirdly, make mass monitoring of changes.
And a syslog to another server, of course :)
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question