View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|14643||Feature requests||Security||public||2019-03-13 11:11||2019-03-15 08:00|
|Summary||14643: SiteHealth section/plugin to check environment and setup of LimeSurvey|
|Description||Currently some checks (php settings, database) are only done when installing LimeSurvey.|
But PHP version can change, some settings can change. So there is a need to check settings inside an LimeSurvey installation too.
When e.g. PHP is changed to 7.2 under Windows, and OpenSSL is not installed, the no missing mcrypt lib (PHP 7.2 and higher) will prevent creating tokens (on Linux the fallback would be the random device, which is not available under Windows).
Currently the debug settings, database cleaning, phpinfo, system-info are in different places in the LimeSurvey GUI.
Move them in one section. Then improve with e.g. system-check report, which can be copy and paste. Placing the installation checks in this section allows to improve the installation-process too. More checks will be done and the code will improve.
A good example is https://wordpress.org/plugins/health-check/ . https://github.com/WordPress/health-check
It comes with a Application check (missing things to run WordPress as indented), with debugging tools (copy & paste for forum or help-desk),
with a tool to check for issues (deactivates plugins and set a standard theme only for the admin to check for issues). It also has a phpinfo section and a tool section (currently offers E-Mail-check and file integrity check).
|Tags||No tags attached.|
|Nice idea. Another possibility is showing a page during installation with security recommendations. One problem though is how such recommendations tend to shift constantly, and it's really hard to reach consensus.|
|But more : give advice when we have some security knows issue (minor or not ?)|