I suggest you ...

Create daily md5-hashes of the web-content of a domain, to quickly identify tampering or hacking.

Let Plesk on every night optionally create/compare md5-hashes from all files in the domains storage-space (web,httpdoc,ftp) and update this in a simple list (database), sortable by date of last change, size, number of changes. Indicating "changed files in the last xx days" to have a time-window to drill down.

In addition, accumulate all vhosts together into a seperate "Admin-View", where ALL domains are put together alphabetically.

Add an additional button "snapshot", so one could create a list of all webfiles on request. For example, when an incident has been cleaned, then click "snapshot" and then wait some time to see if the changes come back within a short time.

This would allow the customer and the Admins to quickly see, which files an when have been updated/changed lately or tampered with (hacked/defaced homepages). And the admins can spot such repeated activities or attacks which span over multiple domains (produced by Botnets and such) on his server.


51 votes
Sign in
Password icon
Signed in as (Sign out)

We’ll send you updates on this idea

Slater shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Password icon
Signed in as (Sign out)
  • Marco Marsala commented  ·   ·  Flag as inappropriate

    There are free alternatives too, like BinaryCanary. Don't implement this or you will get too many false positives.

  • Stephen Shaw commented  ·   ·  Flag as inappropriate

    I was hacked with DrupalGeddon, this would have saved me because I thought I had patched in time < 7 Hrs - I did'nt patch in time and did not realize I was vulnerable until 6 months later when they activated the hack.

  • Damien commented  ·   ·  Flag as inappropriate

    These are remote services, so they can only scan webpage output. They are defacement monitors.

    The feature here is filesystem based, so it would identify new unknown files, or backend changes to files that may not cause any change to generated HTML)

Feedback and Knowledge Base