Patchman is a security tool designed to help you maintain a safe and secure website. It works by scanning your websites for known vulnerabilities, which are weaknesses that hackers could potentially exploit. These vulnerabilities are commonly found in outdated versions of popular Content Management Systems like WordPress, Joomla, or Magento. Normally, fixing such issues would require a developer to update the CMS to the latest version.
With Patchman, this process is much simpler. When a vulnerability is detected, Patchman automatically applies a patch to fix it without requiring you to immediately update your CMS. This ensures that your website remains protected at all times, giving you the flexibility to update your CMS whenever it is convenient for you.
Whenever Patchman detects and resolves a vulnerability, you will receive an e-mail notification. This e-mail details which files were affected. By examining the file paths listed in the notification, you can quickly identify which specific installation on your hosting package was impacted.
For more information about a vulnerability, log in to DirectAdmin and, in the menu under 'Extra Features', click 'Patchman'. Then, in the 'description' column, click on a vulnerability to view detailed information.
Step-by-step guide for security updates
If you have received an e-mail from Patchman notifying you that vulnerabilities have been detected and patched, it is important to follow up by updating your applications. This guide will help you not only update your website applications but also keep them secure and up to date over time.
Before performing any updates, make sure to create a backup. This gives you the option to safely restore your website to its current state if something goes wrong during the update process.
A manual backup is not necessary if you use Antagonist hosting. In that case, you can easily restore a backup with the Antagonist Backup function within DirectAdmin.
Step 1: Using Installatron
If you are not sure whether you are using Installatron, log in to DirectAdmin first.
- If you see your installation listed under 'My Applications', you can update it immediately. In that case, proceed to step 3. Click on the application that was installed via Installatron.
- If no applications are listed under 'My Applications', you will need to import the application first. To do this, go to step 2.
Step 2: Importing your application?
You can choose to import your application into Installatron, which allows you to manage updates more easily. Once imported, you can perform manual updates immediately and enable automatic updates for the future. This ensures your application stays secure and up to date with minimal effort.
To import your existing application, simply follow the step-by-step instructions provided in this guide.
When importing, make sure to select 'Import existing install' instead of starting a new installation. Choosing a new installation could overwrite your current website and result in data loss.
After importing the application, proceed to step 3.
Step 3: Viewing your application in 'My Applications'
If your application is visible under 'My Applications', you can easily update your application with the help of this guide. Before starting the update, make sure that the option 'Yes, create a backup before performing the upgrade' is checked at the bottom of the Installatron interface. This ensures that a full backup of your website is created automatically, allowing you to restore it to its previous state if anything goes wrong during the update process.
If you prefer not to update your application through Installatron, you can also choose to install the new version manually without using Installatron. For detailed instructions, please refer to the official documentation of the application itself.
Once you have updated your application to the latest version, proceed to step 4.
Step 4: Verifying that the update was applied correctly
If all applications on your hosting package are up to date and Patchman under 'Extra Features' within DirectAdmin no longer reports any vulnerabilities, the issues have been fully resolved.
You can also rerun the scan in Patchman at any time. The scan usually takes about two minutes to complete, and any new results will be displayed once it finishes. If files are still flagged, check the folders highlighted by the scan to identify which installation is affected. This indicates that the application is not yet fully up to date and may require further attention.
Automatic vulnerability protection
Patchman automatically patches any detected vulnerabilities and helps maintain your website's security proactively, reducing the risk of attacks even if updates are delayed. The system focuses only on the specific vulnerable file, ensuring that the rest of your website continues to function normally without interruptions.
This provides immediate protection against security risks, allowing your site to remain secure while giving you the flexibility to perform the full CMS or application update at a time that is most convenient for you.