Site Audit is a Drupal static site analysis platform that generates reports with actionable best practice recommendations.
Every Drupal site is unique, with its own individual configuration, content, audience, and so forth. With that said, they all have the same core infrastructure and configuration; Drupal! Therefore, it's possible to perform performance and behavior gathering to inspect any site.
Site Audit uses a technique known as static program analysis. This mechanism does not actually perform requests on the target site, and in doing so avoids the observer effect. It's non-intrusive, so no installation into the target site or configuration is required.
The end result is a fast, repeatable report that can help detect common problems and provide introspection into Drupal sites. Reports can be generated in multiple formats, including plain text, HTML, and JSON.
Site Audit can also be extended by other projects to add custom reports and checks.
Site Audit includes a number of comprehensive reports, each consisting of one or more checks. Site Audit reports include:
- Best Practices - structural recommendations
- Block - caching
- Cache - optimal Drupal caching settings
- Codebase - size of the site; size and count of managed files
- Content - checks for unused content types, vocabularies
- Cron - Drupal's built-in cron
- Database - collation, engine, row counts, and size
- Extensions - count, development modules, duplicates, missing
- Insights - Analyze site with Google PageSpeed Insights
- Security - check for common security exploits, such as malicious menu router items
- Status - check for failures in Drupal's built-in status report
- Users - blocked user #1, number of normal and blocked users, list of roles
- Views - caching settings
- Watchdog - 404 error count, age, number of entries, enabled, PHP errors
See README.md for installation instructions.
Create a new file or overwrite:
drush ac --html --detail > ~/Desktop/report.html
Continue writing to a file:
drush abp --html --detail >> ~/Desktop/report.html
Run every report with maximum detail, skipping Google insights and adding Twitter Bootstrap for styling:
drush aa --html --bootstrap --detail --skip=insights > ~/Desktop/report.html
Site Audit is used to power Launch Check on Pantheon, a collection of site status checks through the Pantheon Dashboard. Site Audit is installed at Pantheon and can be used on any Pantheon site that you manage. Learn more about Drush on Pantheon.
To see all the Site Audit commands on Pantheon, use:
drush @pantheon.SITENAME.ENV help --filter=site_audit
To run the Best Practices report on Pantheon:
drush @pantheon.SITENAME.ENV --detail abp
To check caching settings on Pantheon (recommendation is to disable page compression):
drush @pantheon.SITENAME.ENV --vendor=pantheon --detail ac
Feel free to add vendor specific support, either through a patch or by specifying the functional differences. If you've installed Site Audit and made it available to your customers platform-wide, let us know and we can list it here.
Integration with other modules
Site Audit is extensible; see the documentation for details and examples.
The following modules have or will have Site Audit support:
- Unused Modules
- Security Review -
- Sensitive Data - search content for sensitive information, like credit card or ID numbers
- Hacked! -
- Drupalgeddon - scans for exploit signatures from SA-CORE-2014-005
If your module includes Site Audit support, submit an issue and we'll update this list.
- Maintenance status: Seeking co-maintainer(s)
- Development status: Under active development
- Module categories: Developer, Drush, Performance and Scalability, Utility
- Reported installs: 3 sites currently report using this module. View usage statistics.
- Downloads: 100,824
- Last modified: May 9, 2016
- Stable releases are covered by the security advisory policy.
Look for the shield icon below.