13mar2026-v3: nonreg+saas-deploy+mailstream+cx+git+dns checks

2026-03-13 21:52:43 +01:00
parent 04961ee08b
commit effcae5f26
2 changed files with 1189 additions and 0 deletions
--- a/public/nonreg-master-v5.php
+++ b/public/nonreg-master-v5.php
@@ -481,6 +481,71 @@ test('Security S88','SSH port 49222', $s88ssh49222 || true, $s88ssh49222?'Access
 // ═══════════════════════════════════════════════════════════════
 // TOC: IDENTIFY CONSTRAINTS

+// ═══════════════════════════════════════════════════════════════
+// PHASE 9: SAAS & DEPLOYMENT — MailStream, CX, Site, S88 Config
+// ═══════════════════════════════════════════════════════════════
+
+// SAAS: MailStream deployed
+$ms = http('https://weval-consulting.com/mailstream.html', 8);
+test('SaaS Deploy', 'MailStream prod', $ms['code']==200 && $ms['size']>10000, "HTTP {$ms['code']} ".round($ms['size']/1024)."KB", 'CRITICAL');
+
+// SAAS: MailStream has login protection
+$msLogin = ($ms['body'] && (strpos($ms['body'],'login')!==false || strpos($ms['body'],'password')!==false || strpos($ms['body'],'auth')!==false));
+test('SaaS Deploy', 'MailStream login protected', $msLogin, $msLogin?'Auth present':'NO AUTH!', 'CRITICAL');
+
+// S88: CX endpoint operational
+$cx = http('https://weval-consulting.com/api/cx', 8);
+test('S88 API', 'CX endpoint reachable', $cx['code']>=200 && $cx['code']<500, "HTTP {$cx['code']}");
+
+// S88: weval-consulting.com live
+$wc = http('https://weval-consulting.com', 8);
+test('S88 Site', 'weval-consulting.com', $wc['code']==200 && $wc['size']>5000, "HTTP {$wc['code']} ".round($wc['size']/1024)."KB", 'CRITICAL');
+
+// S88: Nginx running (via site response)
+test('S88 Site', 'Nginx serving', $wc['code']==200, '');
+
+// S88: upload.php removed (security)
+$upload = http('https://weval-consulting.com/upload.php', 5);
+test('S88 Security', 'upload.php removed', $upload['code']>=400 || $upload['size']<100, "HTTP {$upload['code']}", 'CRITICAL');
+
+// S88: Cyber Monitor v4 deployed
+$cyber = http('http://88.198.4.195:5880/wevia-cyber-monitor.php', 8);
+test('S88 Deploy', 'Cyber Monitor v4', $cyber['code']>=200 && $cyber['code']<400 && $cyber['size']>5000, "HTTP {$cyber['code']} ".round($cyber['size']/1024)."KB");
+
+// S88: Office admin panel
+$oap = http('http://88.198.4.195:5880/office-admin-secure.php', 8);
+test('S88 Deploy', 'Office Admin Panel', $oap['code']>=200 && $oap['code']<500, "HTTP {$oap['code']}");
+
+// S95: Ultimate Dashboard v4
+$ud = http('http://95.216.167.89:5821/ultimate-dashboard.php', 8);
+test('S95 Deploy', 'Ultimate Dashboard v4', $ud['code']>=200 && $ud['code']<400 && $ud['size']>5000, "HTTP {$ud['code']} ".round($ud['size']/1024)."KB");
+
+// S95: NonReg itself accessible
+$nr = http('http://95.216.167.89:5821/nonreg-master-v5.php', 8);
+test('S95 Deploy', 'NonReg Master v5', $nr['code']>=200 && $nr['code']<400, "HTTP {$nr['code']}");
+
+// S95: Office Workflow
+$ow = http('http://95.216.167.89:5821/office-workflow.php', 8);
+test('S95 Deploy', 'Office Workflow', $ow['code']>=200 && $ow['code']<400, "HTTP {$ow['code']}");
+
+// DNS: Cloudflare active
+$dnsWeval = dns_get_record('weval-consulting.com', DNS_A);
+test('DNS', 'weval-consulting.com A record', !empty($dnsWeval), count($dnsWeval??[]).' records');
+
+$dnsWevup = dns_get_record('wevup.app', DNS_A);
+test('DNS', 'wevup.app A record', !empty($dnsWevup), count($dnsWevup??[]).' records');
+
+// GIT: Repos pushed (check .git exists)
+test('Git', 'WEVADS repo', is_dir('/opt/wevads/.git'), '');
+test('Git', 'Arsenal repo', is_dir('/opt/wevads-arsenal/.git'), '');
+
+// Git: check if clean (no uncommitted changes)
+$gitDirty = intval(trim(shell_exec('cd /opt/wevads && git status --short 2>/dev/null | wc -l') ?? '0'));
+test('Git', "WEVADS clean ($gitDirty dirty)", $gitDirty == 0, "$gitDirty uncommitted files");
+
+$gitDirtyA = intval(trim(shell_exec('cd /opt/wevads-arsenal && git status --short 2>/dev/null | wc -l') ?? '0'));
+test('Git', "Arsenal clean ($gitDirtyA dirty)", $gitDirtyA == 0, "$gitDirtyA uncommitted files");
+
 // ═══════════════════════════════════════════════════════════════
 // PHASE 8: INCIDENT SECURITY — Post-Attack Hardening Verification
 // ═══════════════════════════════════════════════════════════════
--- a/storage/nonreg_report_20260313_205055.json
+++ b/storage/nonreg_report_20260313_205055.json