Embed this checklist
Want to use this checklist on your blog or magazine? Use the following code to embed it:

Template: OpenX Maintenance Checklist

OpenX is a popular ad server software. This checklist helps you maintaining your installation of OpenX Source. It includes frequent checks for software updates as well as things to look out for in regard to security and other issues.

If you are using Revive, the successor of OpenX Source, check out our checklist for Revive maintenance.

As always: We're happy about suggestions. Contact us!

Notice: Your checks will not be saved. Please log in or sign up to permanently manage this checklist.
Is the latest version of OpenX installed?

Verifiy that you are using the latest version of OpenX. Either by checking the official download page, or by logging in as administrator and navigation to "Configuration"=>"Product Updates":


Are there any known vulnerabilities in OpenX that have not yet been fixed in the official release?
Unfortunately, OpenX has a history of responding rather slowly to newly discovered vulnerabilities. Scan the OpenX Forum and other news sources for mentions of new vulnerabilities and apply fixes if possible.
Is the OpenX maintenance task running without problems?

Check "Configuration"=>"Maintenance" and make sure that no problems are reported. The following message would be a sign for problems:

Also check var/debug.log in your OpenX directory and make sure that it does not contain any error messages.

Are there any suspicious or outdated user accounts?
Check which users have access to the default manager account and which users have administrator access. Make sure that all these users are known and should indeed have access. Remove unknown users and outdated accounts of users who should not have access anymore.

Is the geotargeting database up to date?

If you are using the geotargeting plugin which ships with OpenX you need to update its database frequently to make sure that you are still getting accurate results.

By default, OpenX uses the free geotargeting database of Maxmind. You can download it on the Maxmind website. Maxmind updates the database on the first Tuesday of each month.

Are there any unusual patterns in OpenX's statistics?
Check the statistics of your site and see if the traffic levels still follow the normal patterns. If you notice abnormalities, investigate. They might be of natural causes (e.g. your site received more traffic) or sign for a problem (e.g. OpenX maintenance broke and statistics are not being updates correctly).
Is your host system up to date?
Make sure that the server on which OpenX is running is up to date, free of vulnerabilities and shows no issues. Check out our Server Maintenance Checklist Template for more detailed checks.
Is there unwanted content in any prepend/append settings of your zones?
If your OpenX installation has been compromised, the first thing intruders usually do is to place malicious code in the prepend of append fields of your zones. This code usually serves shady ads or (worse) exploits to your visitors. If you find any code which does not belong there, remove it immediately and investigate how it got there.
Are your configuration files write protected?

The configuration files of your OpenX installation should be write protected so that the configuration can only be changed by users with server-level access. Otherwise, malicious users (e.g. in case of a compromised account) can manipulate your server in hard-to-predict ways.

If you want to change the configuration through the frontend, make sure that you remove the write protection only temporary until you are done.