Verifying CMS versions on multiple websites

Expertise level: Easy

Content Management System (CMS) communities work hard to identify security breaches and fix them proactively. However, common CMS known vulnerabilities are the most exploited security breaches. Thereby it is very important the keep your CMS up-to-date.

NOTE for shared hosting environments: It is important to verify your customers CMS versions and have them apply updates. Shared server security is only as strong as the weakest link.

Here are some commands you can run using ssh to identify CMS version/releases accross all your websites:

WordPress version:

Linux/cPanel:

find /home/*/public_html/ -type f -iwholename "*/wp-includes/version.php" -exec grep -H "\$wp_version =" {} \;

 Linux/Plesk:

find /var/www/vhosts/*/httpdocs/ -type f -iwholename "*/wp-includes/version.php" -exec grep -H "\$wp_version =" {} \;

 Windows/IIS with Powershell:

Get-ChildItem -Path "C:\Webs\","C:\inetpub\wwwroot\" -Filter "version.php" -Recurse -ea Silentlycontinue | Select-String -pattern "\`$wp_version =" | out-string -stream | select-string includes

 

Joomla! 3.x version and release:
(and 2.x version and release - Support Ended)

 Linux/cPanel:

find /home*/*/public_html/ -type f -iwholename "*/administrator/manifests/files/joomla.xml" -exec grep -H 'version>.\..\..<\/' {} \;

 Linux/Plesk:

find /var/www/vhosts/*/httpdocs/ -type f -iwholename "*/administrator/manifests/files/joomla.xml" -exec grep -H 'version>.\..\..<\/' {} \;

Windows/IIS with Powershell:

Get-ChildItem -Path "C:\Webs\","C:\inetpub\wwwroot\" -Filter "joomla.xml" -Recurse -ea Silentlycontinue | Select-String -pattern "version>\b\d{1}\.\d{1,3}\.\d{1,3}\b<\/" | out-string -stream | select-string "administrator\\manifests"

Joomla! 1.x version and release (Support Ended) :

 Linux/cPanel:

find /home*/*/public_html/ -type f -iwholename '*/libraries/joomla/version.php' -exec egrep -H 'var \$RELEASE|var \$DEV_LEVEL' {} \;

 Linux/Plesk:

find /var/www/vhosts/*/httpdocs/ -type f -iwholename '*/libraries/joomla/version.php' -exec egrep -H 'var \$RELEASE|var \$DEV_LEVEL' {} \;

 

Drupal version

Linux/cPanel:

find /home/*/public_html/ -type f -iwholename "*/modules/system/system.info" -exec grep -H "version = \"" {} \;

 Linux/Plesk:

find /var/www/vhosts/*/httpdocs/ -type f -iwholename "*/modules/system/system.info" -exec grep -H "version = \"" {} \;

 

phpBB version:

Linux/cPanel:

   find /home/*/public_html/ -type f -wholename *includes/constants.php -exec grep -H "PHPBB_VERSION" {} \;

Linux/Plesk: 

 find /var/www/vhosts/*/httpdocs/ -type f -wholename *includes/constants.php -exec grep -H "PHPBB_VERSION" {} \;

 

Latest version information:


Release notes usually contain information related to implemented security fixes.

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk