Example Server Audit Report
See the structure and format of a YourServerAudit server security audit report.
This page shows the structure of a typical YourServerAudit report. Actual reports contain detailed findings specific to your server.
Report structure
Every YourServerAudit report follows a consistent structure designed for both technical teams and decision-makers.
1. Executive summary
A short, non-technical overview of the audit scope, key findings and overall risk assessment. Written for stakeholders who need the outcome without the full technical detail.
2. Server scope
What was audited: server identity, IP addresses, operating system, hosting type, access method and agreed boundaries. Scope is always confirmed before the engagement begins.
3. Public exposure
External scan results: open ports, listening services, SSL/TLS status, DNS records and anything reachable from the public Internet without authentication.
4. Access controls
SSH configuration, authentication methods, user accounts, sudo access, firewall rules and remote access policies.
5. Running services
All active services and daemons, their versions, listening addresses, and whether they are expected or potentially unwanted.
6. Web stack
Web server configuration, PHP or application runtime versions, CMS installations, virtual hosts and relevant security headers.
7. Mail services
Mail server status, queue health, SPF/DKIM/DMARC configuration, relay settings and blacklist status.
8. Logs and suspicious indicators
Review of authentication logs, cron jobs, recently modified files, unexpected processes, persistence mechanisms and known malware indicators.
9. Backup status
Whether backups exist, their frequency, retention, offsite status and whether a restore has been verified.
10. Findings
Each finding includes a title, severity, risk description and remediation recommendation.
SSH exposed to the public Internet with password authentication enabled
Risk: Password-based SSH access on a public IP is subject to brute-force attacks. Compromised or weak passwords can lead to full server compromise.
Recommendation: Disable password authentication in sshd_config, enforce key-based access only, and restrict SSH to known IP ranges or a VPN where possible.
Outdated PHP runtime
Risk: Running an unsupported PHP version exposes the server to known vulnerabilities that no longer receive security patches.
Recommendation: Upgrade to a supported PHP branch, verify application compatibility, and enable automatic security updates for the runtime.
Unknown open service on port 8443
Risk: An unidentified service listening on a non-standard port may be a forgotten application, a misconfiguration, or an indicator of unauthorized access.
Recommendation: Identify the process bound to port 8443, determine whether it is required, and either secure it behind a firewall rule or remove it entirely.
11. Remediation checklist
A prioritized action list grouped by urgency: immediate, short-term and medium-term. Each action references the related finding and includes clear steps.
Request your audit
Every server is different. Request an audit and we will scope the engagement based on your environment.
See pricing for available options.