Keeping your server virus/malware free.

Discussion in 'Hosting Discussions' started by rusty105, May 3, 2012.

  1. rusty105

    rusty105 Habitué

    1,600
    557
    +43
    Is there a program/script that can scan your 'public_html' on a cpanel install and look for malware and viruses?

    I want to stay ahead of them.
     
  2. Adam H

    Adam H Think before you speak.

    1,393
    547
    +1,967
    clamAV installed on to cpanel will do that for viruses but not malware, Another way of doing it is to download the entire public_html folder to your computer and do a scan with NOD32 and Malwarebytes. Them two put together will pick up basically anything.
     
  3. rusty105

    rusty105 Habitué

    1,600
    557
    +43
    Will calmAV opn cpanle run automatically? I am looking for something I can set up on a cron tab and have me alert me if needed.
     
  4. BHH

    BHH Enthusiast

    196
    78
    +3
    Honestly I don't run any virus scanner. I always restrict what my users can upload and disable any php execution from my upload folders.
     
  5. rusty105

    rusty105 Habitué

    1,600
    557
    +43
    I was thinking more along the lines of the base64 decode stuff that finds its way into my .php files every now and then :(
     
  6. BHH

    BHH Enthusiast

    196
    78
    +3
    I usually disable that stuff via php.ini as with other functions.

    Plus, no anti-virus will protect against that.
     
  7. rusty105

    rusty105 Habitué

    1,600
    557
    +43
    Elaborate?
     
  8. Judge Dredd

    Judge Dredd Bayerische Motoren Werke

    3,168
    452
    +180
    You mean infections that can be uploaded through a site, or just viruses...?
     
  9. BHH

    BHH Enthusiast

    196
    78
    +3
    In my php.ini I have:
    Code:
    disable_functions = dl,exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
    
    open_basedir = /home
    
    • You can also disable running php from you uploads/attachment folders via htaccess
    • Never run php processes as root, or any high level users.
    • Install mod_security
    • Install a firewall
    • Keep your software up-to-date
    • Be careful when installing 3rd party plugins as that usually where the security holes lie.
    • Remove software versions from your footer, header, html, etc.
    • Don't piss people off
     
  10. Alex.

    Alex. The Ancient Dragon

    11,164
    1,052
    +980
    My server knowledge is a bit rusty, but couldn't you (Assuming you have the money) to use a separate server for your public uploads by members? Wouldn't that sever the possibility of your main server being infected?
     
  11. BHH

    BHH Enthusiast

    196
    78
    +3
    It definitely ads security by obscurity, but that will just resolve exploits in your uploader.

    Securing your php scripts is the best security.
     
  12. Shawn Gossman

    Shawn Gossman The Motormouth

    7,155
    832
    +1,158
Verification:
Draft saved Draft deleted