Checking for rogue Apache modules

We’ve read a lot recently about attacks in which an attacker loads a modified module into Apache to insert iframes in outgoing data. Pretty scary, especially since nobody really seems to know how the hacks are performed. Recently, Sucuri wrote a blog article about how to check for rogue Apache modules on Debian. We’ve decided to implement this into an Icinga/Nagios check.

You can find the source for the plugin here. We also publish all our plugins via the ‘nagios-plugins-kumina’ package, provided by our apt repository.

Hope this helps!

Update: I packaged and pushed the wrong version of the script… Silly me. Fixed now!

Tags: , , , , ,

This entry was posted on Wednesday, April 3rd, 2013 at 11:54. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.


One Response to “Checking for rogue Apache modules”

Kumina designs, builds, operates and supports Kubernetes solutions that help companies thrive online. As Certified Kubernetes Service Partner, we know how to build real solutions.

Learn more about us Get in touch