Craft Sherlock

Sherlock is a security scanner and monitor to keep your site and CMS secure.

A free limited version of Sherlock is available for download here.

The suggested workflow is as follows:

  1. Install the plugin and run your first security scan
  2. Adjust your site and server so that your site passes the security scan with as few warnings as possible
  3. Set the correct notification email address(es)
  4. Copy the URL provided to run regular scans (containing the API key)
  5. Set up a cron job to automatically run a scan daily
  6. If your site ever fails the security scan in future then you will be notified immediately by email and with a control panel alert

View a demo of how Sherlock works: