What it is: Collection of methods used for server and WordPress maintenance on a daily basis, pipe-able according to needs. Written in Ruby.
What it does: Shifts time expenditures from routine tasks to actually noticing vulnerabilities and attacks.
How it works: RFlow connects several loosely-laying libraries with thematically related methods in Ruby and Bash. Combining two languages like this is a mortal sin, I know - the script is written for admins, not saints.
There is a basic config where you define your directory structure and package dependencies. You can have custom dependencies for each routine, same goes for alerting via Slack.
name: 'RFlow' version: '1.3.0' env: 'SERVER-ID-PROD' static: # default notifications slack: 'https://hooks.slack.com/some/info-level/channel' # packaged dependencies packages: security: ['pv', 'ipset', 'geoip-bin', 'apf', 'rkhunter'] backup: ['git', 'some-cloud-backup'] # always ban hits in access.log that contain these strings... always_ban: ['xmlrpc', 'netcraft', 'masscan', 'zgrab'] pipes: lamp: # more pipe-specific configs available... slack: 'https://hooks../some/info-level/notif/channel' backups: slack: 'https://hooks../other/channel/only/when/fail' wp: slack: 'https://hooks../channel/only/for/vulnerabilities' server: ...
Once configured, you can play with the pre-defined pipes (routine sequences), mainly built for quick and efficient server look-around and log analysis with API calls to abuse lists for your routine checks. You can quickly add your own pipes as you go, as child classes of
Run them from separate pipe files or line them up in a
main for regular maintenance routines.
Piping the methods makes it easy to configure similar routines for either manual, interactive run or as cron jobs.