If you care about the security of your server (and you really should), one of the tools you can use on a daily basis (via cron) is LMD (a.k.a. maldet), which is basically a malware scanner that can quarantine and get rid of files infected with malware.
In this guide we'll go through the process of installing and configuring maldet on a Linux server, whether it be a dedicated bare metal server or a cloud VPS.
Installing LMD:
We'll first go into /usr/local/src/ and then download the installation files using wget:
cd /usr/local/src/
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
We then proceed to extract the downloaded file:
tar -xzf maldetect-current.tar.gz
Let's go into the maldetect folder, which should have been extracted by our previous command:
cd maldetect-*
And now we run the install script with the following command:
sh install.sh
Now we move on to the configuration part. By default all options are commented in the configuration file, so you can configure it based on your requirements. Let's go over what each option is:
email_alert : If you would like to receive email alerts, then it should be set to 1.
email_subj : Set your email subject here.
email_addr : Add your email address to receive malware alerts.
quar_hits : The default quarantine action for malware hits; it should be set to 1.
quar_clean : Cleaning of detected malware injections; must be set to 1.
quar_susp : The default suspend action for users with hits; set it as per your requirements.
quar_susp_minuid : Minimum userid that can be suspended.
So let's now open the configuration file with your preferred text editor; I'll use nano here:
nano /usr/local/maldetect/conf.maldet
The following command is really important: it takes care of updating maldet's database:
maldet -u
Now on to the actual use. Let's scan the home directory of a user; this command will scan the specified folder and show the output of the scan:
maldet -a /home/user
Say you want to scan the public_html folders of all users on the server; this is handy on servers used to host multiple websites:
maldet --scan-all /home?/?/public_html
If you wish to restore a file that has been quarantined, you can do so with the following command:
maldet --restore /usr/local/maldetect/quarantine/somefile.php
You could (and should) create a cron job that takes care of running this task every day.
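One way to write that daily job, as an added example that is not part of the original guide or of LMD itself: a wrapper that updates the database, then scans, and refuses to start a second run while one is still going. The script path in the crontab comment and the names SCAN_PATH, LOCK_DIR and MALDET are assumptions made for this example; only the maldet -u and maldet -a calls come from the guide.

```shell
#!/bin/sh
# Added example: daily LMD scan wrapper (hypothetical file /usr/local/sbin/maldet-daily.sh).
# Root crontab entry (hypothetical path and time):
#   0 3 * * * /usr/local/sbin/maldet-daily.sh run

MALDET="${MALDET:-maldet}"                          # assumes maldet is on PATH
SCAN_PATH="${SCAN_PATH:-/home?/?/public_html}"      # pattern used in the guide
LOCK_DIR="${LOCK_DIR:-/var/run/maldet-daily.lock}"  # assumed lock location

# Accept only absolute paths made of plain path characters and LMD's "?"
# wildcard, so a bad value cannot pass extra options or shell syntax.
valid_scan_path() {
    case "$1" in
        /*) ;;
        *) return 1 ;;
    esac
    case "$1" in
        *[!A-Za-z0-9_./?-]*) return 1 ;;
    esac
    return 0
}

daily_scan() {
    valid_scan_path "$SCAN_PATH" || { echo "bad scan path: $SCAN_PATH" >&2; return 2; }
    # mkdir is atomic, so only one run can hold the lock at a time.
    mkdir "$LOCK_DIR" 2>/dev/null || { echo "scan already running" >&2; return 3; }
    rc=0
    "$MALDET" -u || rc=4                    # update the database first
    if [ "$rc" -eq 0 ]; then
        # Quoted so the shell passes "?" through to maldet unexpanded.
        "$MALDET" -a "$SCAN_PATH" || rc=5   # any non-zero exit is reported to cron
    fi
    rmdir "$LOCK_DIR"
    return "$rc"
}

# Scan only when called with "run", so the file can also be sourced safely.
if [ "${1:-}" = "run" ]; then
    daily_scan
fi
```

Cron mails anything the job prints to the owner of the crontab, so the error messages on stderr reach root without extra setup.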
That's it, you now have knowledge of a tool that should help keep your server secure; keep in mind that this is just one of the things you can do to improve your server's security.