I use a plugin for WordPress called "WordFence". It works by scanning all files on the server and checking for changes or suspicious code.
I am looking for something similar to Magento. Does it exist?
To put it another way, I am looking for an extension to help with security, and scanning files looking for changes would help a lot.
You should use a version control system for that, as it does exactly what you describe (and more).
For example, git status will show you all modified files since last release. You could use .gitignore to exclude media files and other volatile stuff.
See Yireo's tutorial on git and Magento on how to get started.
Related
Currently in our repository, there is a conf/ folder that I have svn ignored so as to avoid committing local configuration data. However, now I need to add a new configuration option to this file. From my research, the only answer that seems applicable is to change the project structure and have 'config.conf.default' files that everyone can add new options to, and they must copy that file to 'config.conf' and edit it with their local options and svn ignore it. As this is not my project I am working on I would prefer to find a more 'local' solution if their is one.
Changesets don't seem to be helpful in this situation, and constantly manually backing up, reverting, remaking changes I want sync'd, committing and then restoring each config file doesn't sound fun at all.
I read some posts that TortoiseSVN 1.8+ can do this sort of thing, I'm hoping there's a Linux equivalent.
Looking forward to any advice -- thank you
I do not know for certain, but I will be very surprised to hear that TortoiseSVN can do this. What you are asking for runs counter to everything that SVN (and, I might add, any other version control I'm aware of) works.
A file can be either tracked, in which case any change to it is an interesting change, or untracked, in which case none are. Allowing partially tracked files means the version control cannot know whether the change you just made should or should not be tracked. Allowing this is just asking for trouble.
While, technically, TortoiseSVN might have such a feature as an overlay above SVN, in my experience, that's simply not how Tortoise is built. Their design is very nice in that they are simply an SVN client, honoring the same configurations and semantics as the command line tool (for both Windows and Linux). In fact, the fact that Tortoise, the command line tool and the VisualStudio clients all share the same mode of operation is one of the strong points of the tool set, making the experience of working on Windows just a tiny bit more bearable. I really hope Tortoise have not decided to deviate from that.
I have a project Pyramid Application. I store it on git and pull the branch to the server when I need update. Until now I was working on Koding but lately decided to check out azure and it's developer's benefits.
After I've created ubuntu server virtual machine (which actually is what runs under Koding) I've downloaded my project using git pull, but forgot to change the branch to the one I'm working on atm. So I did, but server still shows me the old page (like I didn't checkout the other branch). So I checked sftp and files show me they have been updated.
Why am I still seeing the old page?
Now I know the reason why! (at least I think, but please. correct me if I'm wrong)
I noticed that there was .pyc file for every .py file, and those are "compiled" (bit of simplification?) python files as I understood it. And it seemed to me that they were not "compiled" on app launch. But they compiled with setup.py... edit dates suggest that.
So the reason why I didn't see the changes I did in code was that... http.server was using old "compiled" files instead of the source files! But is that normal/expected behaviour? Dunno. There are many other quetions now, but main question was answered so I mark this as answer until someone gives better answer.
What are the best steps to take to prevent bugs and/or data loss in moving servers?
EDIT: Solved, but I should specify I mean in the typical shared hosting environment e.g. DreamHost or GoDaddy.
Bootstrap config is the smartest method (Newism has a free bootstrap config module). I think it works best on fresh installs myself, but ymmv.
If you've been given an existing EE system and need to move it, there are a few simple tools that can help:
REElocate: all the EE 2.x path and config options, in one place. Swap one URL for another in setup, check what's being set and push the button.
Greenery: Again, one module to rule them all. I've not used this but it's got a good rating.
So install, set permissions, move files and and DB, and then use either free module. If you find that not all the images or CSS instantly comes back online, check your template base paths (in template prefs) and permissions.
I'm also presuming you have access to the old DB. If not, and you can't add something simple like PHPMyAdmin to back it up, try:
Backup Pro(ish): A free backup module for files and db. Easy enough that you should introduce it to the site users (most never consider backups). All done through the EE CP. The zipped output can easily be moved to the new server.
The EE User Guide offers a reasonably extensive guide to Moving ExpressionEngine to Another Server and if you follow all of these steps then you will have everything you need to try again if any bugs or data loss occur.
Verify Server Compatibility
Synchronize Templates
Back-up Database and Files
Prepare the New Database
Copy Files and Folders
Verify File Permissions
Update database.php
Verify index.php and admin.php
Log In and Update Paths
Clear Caches
As suggested by Bitmanic, a dynamic config.php file helps with moving environments tremendously. Check out Leevi Graham's Config Bootstrap for a quick and simple solution. This is helpful for dev/staging/prod environments too!
I'd say the answer is the same as any other system -- export your entire database, and download all of your files (both system and anything uploaded by users - images, etc). Then, mirror this process by importing/uploading to the new server.
Before I run my export, I like to use the Deeploy Helper module to change all of my file paths in EE to the new server's settings.
Preventing data loss primarily revolves around the database and upload directories.
Does your website allow users to interact with the database? If so at some point you'll need to turn off EE to prevent DB changes. If not that you don't have too much to worry about as you can track and changes on the database end between the old and new servers.
Both Philip and Derek offer good advice for migrating EE. I've also found that having a bootstrap config file helps tremendously - especially since you can configure your file upload directories directly via config values now (as of EE2.4, I think).
For related information, please check out the answers to this similar Stack Overflow question.
When using p4v to sync a project onto a 2nd machine I was surprised to see that files I had checked out on my primary machine were not included in the "Get Revision" (Get Latest Revision and Force options selected).
This seems like an elemental thing to get working but I can't find how to force this other than perhaps tagging the source tree and getting that, which I don't want to do if I don't have to. . .
This is an elemental thing. Syncing on one computer is in no way influenced by what you have open for edit on another. Syncing retrieves all those files regardless of who has them checked out, unless you have confused the server by messing with files outside the Perforce client. However, you said you used the -f option, which would solve that problem.
Are you sure you don't have those missing files open for add and not for edit?
I am looking at the cruisecontrol web dashboard. I can see one farm and one server. However, I don't see any way to add a project?
Is this something I can do with the UI or do I need to edit the config file by hand?
You'll need to edit the ccnet.config file by hand (located within the CruiseControl directory) to add projects. There are some graphical tools to help you do this however you do get used to doing it by hand fairly quickly - just have the documentation near by!
Update: An example of one such tool is http://www.codeplex.com/ccnetconfig
You can use CCNETConfig to edit the config file through an UI although it doesn't support higher version > CruiseControl.NET 1.4.
You have to basically edit the configuration file by hand, however I have it setup so that the raw config file is split into different include files, each of which is setup in my source control system. Then I created a project for the configuration, and then for the whole config. So when something changes in the config, CC.NET itself pulls out the changes, recreates it's config files and the refreshes the system configuration.
This means that anyone can edit the config (if they can access the files in sourcecontrol), and no-one has to go into the program files directory of the CC.NET machine itself.
Not sure whether this answers the question you asked, but this is how our setup works