Documentation

Astrari Docs

Everything you need to set up, configure, and get the most out of Astrari.

Monitor a website

Add any URL and start scanning externally — no agent, no DNS records, no plugin. SSL, headers, blacklists, email security, exposed files, and full WordPress CVE coverage.

SitesWordPressExternal

Install the server agent

Step-by-step guide to installing the Astrari agent on Linux servers. Covers requirements, the one-line install command, what gets installed, and how to verify everything is running.

AgentLinuxsystemd

Exposure probes

Active probes that catch what file-based scanners miss — services bound to the wrong interface, unauthenticated Redis/Memcached, exposed .git or .env files, weak TLS on running services, default-path admin panels. Plus how to whitelist probes in your WAF and how to write custom rules.

AgentNetworkTLSWAF

FAQ

Answers to common questions about how Astrari works — the scanners, WordPress site checks, finding management, SSH auto-fix, forensic diagnostics, alert routing, the Cloudflare edge integration, support, billing, and more.

GeneralScannersDiagnosticsAlertsCloudflareSupportWordPressBilling

Changelog

Notable releases, improvements, and security-relevant changes. We ship continuously — this is the human-readable record of what's new and what's changed.

ReleasesImprovementsSecurity

API reference

REST endpoints for sites, servers, findings, reports, and outbound webhooks. Includes the HMAC signing scheme for verifying webhook deliveries. Available on Professional and Agency plans.

APIWebhooksIntegrations

Quick reference

Agent binary/usr/local/bin/astrari-agent
Config file/etc/astrari/agent.conf
State / data dir/var/lib/astrari/
Servicesystemctl status astrari-agent.service
Timersystemctl status astrari-agent.timer
Logsjournalctl -u astrari-agent -f
Versionastrari-agent --version
Installcurl -fsSL https://astrari.io/install.sh | bash
Uninstallcurl -fsSL https://astrari.io/uninstall.sh | bash

What Astrari monitors

Linux servers (agent-based)

  • Trivy — OS package CVE scanning
  • ClamAV — malware and virus detection
  • rkhunter — rootkit and backdoor detection
  • MalDet — web shell and PHP malware
  • SSH hardening checks + auto-fix
  • Firewall and network security checks
  • File integrity monitoring
  • SSL certificate expiry
  • OS package update tracking and patching
  • Score trend (0–100) with scan history

Websites (agentless — works on any hosting)

  • Uptime monitoring — 5-minute probes, alerts on 3 consecutive failures
  • Content / defacement monitoring — 6-hourly content fingerprint with side-by-side diff
  • TLS deep audit — protocols, weak keys, signature algorithms, HSTS posture (CF / LE aware)
  • JavaScript supply-chain detection (Magecart class)
  • WordPress plugin / theme / core CVE matching
  • Outdated components with fix versions
  • Security headers (HSTS, CSP, X-Frame-Options…)
  • Cookie security flags (HttpOnly, Secure, SameSite)
  • SSL certificate and domain expiry
  • SPF and DMARC email security
  • Exposed file detection (wp-config.php, debug.log…)
  • User enumeration and directory listing
  • SEO spam, cloaking, and hidden link detection
  • Database scan for injected malware (agent-assisted, WordPress only)
  • .htaccess auto-fix for common hardening issues (agent-assisted, WordPress only)

Something missing? Let us know.