Troubleshoot - by Hostrare
We can execute malicious charges and the Maldet tool, ClamAV to find hateful code on your website content.
Here is a little bit of code that I run. It searches within cgi and php files for certain lines, and then orders the file name within a different file so that you can go by them:
find /home/ \( -name “*.cgi” -o -name “*.php” \) -print0 | xargs -0 egrep -l ‘c99shell|r57shell|WebShell|phpshell|shell|c100|base64’ >> /root/report
netstat -anp : Look for programs attached to ports that you did not install / authorize
find / ( -perm -a+w ) ! -type l >> world_writable.txt : Look at world_writable.txt to see all world-writable files and records. This will reveal areas where an intruder can save data on your policy. NOTE: Fixing support on some PHP/CGI scripts that are not correctly coded will stop them.
find / -nouser -o -nogroup >> no_owner.txt: Look at no_owner for all records that do not have a user or group related to them. All data should be confirmed by a specific user or group to limit access to them.
Linux Malware Detect (LMD) is a malware scanner for Linux published below the GNU GPLv2 permit, that is devised around the threats faced in shared hosted positions. It affects threat data from network edge incursion identification systems to adjust malware that is actively being involved in attacks and creates signs for exposure. Please use the following link to download and install Maldet.
Download malware detect
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz tar -zxvf maldetect-current.tar.gz cd maldetect-1.4.2/./install.sh
Once installation completed.
try to scan your files.
maldet -a /home/?/public_html
This will scan all your account files… This should preferred with screen.
To scan one particular folder, use this option.
maldet -a /home/testuser
Simply log into WHM, go to the cPanel section, and click “Plugins.” Check the box next to “clamavconnector” and click Save at the base of the page. This will install ClamAV.
Update antivirus database:
Scan a directory and print out infected files:
clamav -ri /home
Scan a directly and remove infected files and emails:
clamav -ri –remove /home
Whether you are looking for a personal website hosting plan or a business website hosting plan, We are the perfect solution for you. Our powerful website hosting services will not only help you achieve your overall website goals, but will also provide you with the confidence you need in knowing that you are partnered with a reliable and secure website hosting platform.
Any hosting service you require, you can avail 50% Discount with new verified account. Chat with your Team Now