I built a tool called *Kekkai* for file integrity monitoring in production environments. It records file hashes during deployment and later verifies them to detect unauthorized modifications (e.g. from OS command injection or tampering).
Why it matters:
* Many web apps (PHP, Ruby, Python, etc.) on AWS EC2 need a lightweight way to confirm their code hasn’t been changed. * Traditional approaches that rely on metadata often create false positives. * Kekkai checks only file content, so it reliably detects real changes. * I’ve deployed it to an EC2 PHP application in production, and it’s working smoothly so far.
Key points:
* *Content-only hashing* (ignores timestamps/metadata) * *Symlink protection* (detects swaps/changes) * *Secure S3 storage* (deploy servers write-only, app servers read-only) * *Single Go binary* with minimal dependencies
Would love feedback from others running apps on EC2 or managing file integrity in production.
Comments URL: https://news.ycombinator.com/item?id=45347714
Points: 30
# Comments: 4