Verifying CMS versions on multiple websites

Expertise level: Easy

Content Management System (CMS) communities work hard to identify security breaches and fix them proactively. However, common CMS known vulnerabilities are the most exploited security breaches. Thereby it is very important the keep your CMS up-to-date.

NOTE for shared hosting environments: It is important to verify your customers CMS versions and have them apply updates. Shared server security is only as strong as the weakest link.

Here are some commands you can run using ssh to identify CMS version/releases accross all your websites:

WordPress version:

Linux/cPanel:

find /home/*/public_html/ -type f -iwholename "*/wp-includes/version.php" -exec grep -H "\$wp_version =" {} \;

 Linux/Plesk:

find /var/www/vhosts/*/httpdocs/ -type f -iwholename "*/wp-includes/version.php" -exec grep -H "\$wp_version =" {} \;

 Windows/IIS (default path) with Powershell:

Get-ChildItem -Path "C:\inetpub\wwwroot\" -Filter "version.php" -Recurse -ea Silentlycontinue | Select-String -pattern "\`$wp_version =" | out-string -stream | select-string includes

 

Joomla! 1/2/3 version and release:

 Linux/cPanel:

find /home/*/public_html/ -type f \( -iwholename '*/libraries/joomla/version.php' -o -iwholename '*/libraries/cms/version.php' -o -iwholename '*/libraries/cms/version/version.php' \) -print -exec perl -e 'while (<>) { $release = $1 if m/RELEASE\s+= .([\d.]+).;/; $dev = $1 if m/DEV_LEVEL\s+= .(\d+).;/; } print qq($release.$dev\n);' {} \; && echo "-"

 Linux/Plesk:

find /var/www/vhosts/*/httpdocs/ -type f \( -iwholename '*/libraries/joomla/version.php' -o -iwholename '*/libraries/cms/version.php' -o -iwholename '*/libraries/cms/version/version.php' \) -print -exec perl -e 'while (<>) { $release = $1 if m/RELEASE\s+= .([\d.]+).;/; $dev = $1 if m/DEV_LEVEL\s+= .(\d+).;/; } print qq($release.$dev\n);' {} \; && echo "-"

 

Drupal version

Linux/cPanel:

find /home/*/public_html/ -type f -iwholename "*/modules/system/system.info" -exec grep -H "version = \"" {} \;

 Linux/Plesk:

find /var/www/vhosts/*/httpdocs/ -type f -iwholename "*/modules/system/system.info" -exec grep -H "version = \"" {} \;

phpBB version:

Linux/cPanel:

   find /home/*/public_html/ -type f -wholename *includes/constants.php -exec grep -H "PHPBB_VERSION" {} \;

Linux/Plesk: 

 find /var/www/vhosts/*/httpdocs/ -type f -wholename *includes/constants.php -exec grep -H "PHPBB_VERSION" {} \;

Latest version information:


Release notes usually contain information related to implemented security fixes.

Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk