plugin-SecurityInfo icon indicating copy to clipboard operation
plugin-SecurityInfo copied to clipboard
verified publisher icon matomo-org

Replace PhpSecInfo with something more modern

Open Findus23 opened this issue 7 years ago • 2 comments

As this is the most downloaded Matomo plugin and the description recommends using it

We highly recommend that all Matomo administrators enable the SecurityInfo plugin, and then view the Settings. The plugin is a tool in a multilayered security approach.

we should make sure that the recommendation it gives are up to date. Unfortunately the development for PhpSecInfo seems to have stopped in 2007 or 2009 and while there have been some fixes to make it work with newer PHP versions, I am not sure if the recommendations are still correct and (more importantly) if not some important recommendations are missing.

But I couldn't find many alternatives. https://github.com/sektioneins/pcc seems to be newer, but it doesn't seem to have a way to get the results apart from echo.

If someone knows a better alternative, please comment here.

Findus23 avatar Dec 02 '18 09:12 Findus23

I found 4 versions for PhpSecInfo : https://github.com/ZerooCool/phpsecinfo

ZerooCool avatar Jul 30 '19 21:07 ZerooCool

Just FYI: My plugin https://plugins.matomo.org/DiagnosticsExtended should contain all important checks from this plugin in a rewritten version.

Findus23 avatar Jan 27 '22 11:01 Findus23