Is there any site or program where i can scan my sites, all of them in one go. I have many sites so i want to put in all. I want to scan for 777 and things like that.
What you're looking for is a web security scanner. There's quite a few of them, and some good free ones too. What I would recommend is Nikto and Wikto. They're both free and work extremely well. If you want to put out some cash, and are a bit of a newbie in the security area, I'd recommend using Acunetix's WVS. There's a great list of these at SecTools Top Ten Web Scanners. They'll be able to help you make a decision. For any more info on web scanners and vuln scanners in general, this Wikipedia article will help.
for my computer it takes alot of time to scan one site i think for me 12 hours for 1 site but then i see all the problem i have and it is alot WOW i never think some of my code was this weak.
Yea, Acunetix is a great scanner. It's caught some things that I had no idea were even vulnerable. Most people forget or don't think about wrong permissions. I've seen tons of sites with config files just sitting out in the open. Good luck securing your site!
I recommend you hire a PHP coder(if you do not know how to code in php) or a Perl coder, create a server side script that can do the scanning, also those which can audit your scripts (Check for RFI, LFI, SQL Inj. etc..) and put it in cron.. takes some memory but its just for 2 hours per day... If you have a dedicated server, I recommend this for you..
Its better to hire somebody in to check over your website for any kind of vurnabilities if you want help on that hit me up on msn i pmed you about it =].
Sorry no its not better to hire somebody its. I do not want strange people in my code i have enough of that already. I think Acunetix working very good
acutunix may work but as your using a free copy etc, it will only scan simple things meaning even if acutunix find things your still vurnable and you will need to fix premissions useing your ssh if you don't trust me you can ask mark henderson about me i helped him out with his private vps he was scared but he was totally happy when we fixed his things.
Don't rely on scanners for sole security. They are still weak in identifying all types of flaws in various web applications. There are dozens of other flaws that no scanners can detect and warn you. Logic flaw is one kind. See web app security scanners comparison report: http://drop.io/anantasecfiles/
I am NOW looking for a text search program FTP style that can go trough my php files search for problems. Since my server can not run the script people been telling me about.
What do you mean FTP Style? You mean ? - A program that uses FTP and then search problematic files there ? I never heard of it. Hire someone to write such.
do not need to search for problem files just search is enough since i know how the the code look like i should search for.
OK, Dreamweaver will do. - Load all files from FTP in Dreamweaver - Use Dreamweaver's advanced search feature You're done.