Cpanel/WHM

Install Maldetect Cpanel

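Log in to the cPanel server via SSH as the root user.

Run the commands below. The archive is downloaded over plain HTTP and install.sh runs as root, so verify the archive's integrity before installing it: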

cd /usr/local/src/
wget http://www.webchamp.com.br/downloads/maldetect-current.tar.gz
tar -xzf maldetect-current.tar.gz
cd maldetect-*
sh ./install.sh

Updating the application
Manually update maldet

maldet -d
maldet -u

Configuring Linux Malware Detect (Maldet)
By default all options are fully commented in the configuration file, so configure it according to your needs. But before making any changes let’s have a detailed review of each option below.

Open the file /usr/local/maldetect/conf.maldet and make changes according to your needs:

nano /usr/local/maldetect/conf.maldet

email_alert : Set to 1 if you would like to receive email alerts.
email_addr : Add your email address to receive malware alerts.
quarantine_hits : The default quarantine action for malware hits; it should be set to 1.
quarantine_clean : Clean detected malware injections; it should be set to 1.
quarantine_suspend_user : The default suspend action for users with hits; set it as per your requirements.
quarantine_suspend_user_minuid : Minimum user ID that can be suspended.

Running a full malware scan of user home directories

# The maximum file size for a file to be included in scan
# search results; use man find for accepted values
# [ changing this may have an impact on scan performance ]
maxfilesize="768k"

Change 768k to 1024K.
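One way to check an edited conf.maldet against the values recommended above, and to catch typographic quotes that a web page or editor can substitute for plain ones. This is an added example, not part of the original post or of maldet itself; the function names conf_get and audit_maldet_conf are hypothetical.

```shell
#!/bin/sh
# Added example: audit a maldet config against the settings this page recommends.
# Option names are the page's; conf_get and audit_maldet_conf are hypothetical names.

# Typographic double quotes (U+201C / U+201D) as UTF-8 bytes.
LQ=$(printf '\342\200\234')
RQ=$(printf '\342\200\235')

# conf_get FILE KEY: print KEY's value with plain quotes stripped, lower-cased.
# The last assignment wins, as it does when the file is sourced by the shell.
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d "\"'" | tr 'A-Z' 'a-z'
}

# audit_maldet_conf FILE: print one finding per line, return 1 if there are any.
audit_maldet_conf() (   # subshell body keeps the variables local
    conf=$1
    bad=0
    # conf.maldet holds shell variable assignments, so typographic quotes pasted
    # from a web page end up inside the value instead of delimiting it.
    if LC_ALL=C grep -q -e "$LQ" -e "$RQ" "$conf"; then
        echo "typographic quotes present: retype them as plain double quotes"
        bad=1
    fi
    for want in email_alert=1 quarantine_hits=1 quarantine_clean=1 maxfilesize=1024k
    do
        key=${want%%=*}
        got=$(conf_get "$conf" "$key")
        if [ "$got" != "${want#*=}" ]; then
            echo "$key: want ${want#*=}, found ${got:-nothing}"
            bad=1
        fi
    done
    # Alerts are switched on but have no recipient.
    if [ "$(conf_get "$conf" email_alert)" = 1 ] && [ -z "$(conf_get "$conf" email_addr)" ]; then
        echo "email_addr: empty although email_alert=1"
        bad=1
    fi
    return "$bad"
)

# Usage: audit_maldet_conf /usr/local/maldetect/conf.maldet
```

The maxfilesize value is compared case-insensitively, and commented-out assignments are ignored.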

First, I suggest a full scan of user home directories to detect and clean malware.

The command below scans all files and directories within the /home directory, which is where the content for cPanel accounts is stored:

maldet -a /home/?

Later you can scan only, for example, all .php files, with the command below:

maldet --include-regex ".*.php$" -a /home/?/public_html

Starting the scan

In our standard use of Linux Malware Detect, we enable monitoring of all users with the command below:

maldet -m users

If an error occurs, install the package below with the command:

yum install inotify-tools -y
