Hi Jerry,
And how are cronjobs setup? Are they with the URLs to the php scripts or by filepath? I'm wondering if they'd have a different timeout or if we can modify the timeout (the cmsb code does just that with varying success).
In any case, yes, putting the script in multiple directories would be a workaround. And yes you would get a lot of reports. Typically if you have a lot of accounts on one server you'd run it from the command line and have it scan all the websites at once.
I'll add that we have some planned features that would add emailing, so I expect the process of automating the scanning will become easier over time.
>I'd still like to know what the various pieces of information mean, even in the header.
Sure, they are as follows:
>Matched Patterns: php(36), js(7), htaccess(6), filepath(2)
These are the number of patterns being checked for different kinds of files. Note that often a single pattern will match multiple exploits.
>Scan started: Thu, 24 May 2012 16:41:49 -0400
When the scan was started, useful if output is going to an email or log.
>Root dir: /hsphere/local/home/gkornblu/upload-test.com
The path being scanned, also useful for reference when output is going to an email or log.
>Log file: none
If you scan from the command line you can output to a log file by adding -l yourlogfile.log, in which case that would be reflected here.
Let me know any questions, if you want to send me FTP login details I could look into getting it to run longer than 90 seconds or as a background process. I need to some research on that for some other projects anyways.
Hope that helps!
Dave Edis - Senior Developer
interactivetools.com