How to Install maldet on cPanel server
login to your server via SSH as root , Enter the following commands:
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xzvf maldetect-current.tar.gz
cd maldetect-*
sh install.shAfter complete the installation you may see the message :
Linux Malware Detect v1.3.4
(C) 1999-2010, R-fx Networks <proj@r-fx.org>
(C) 2010, Ryan MacDonald <ryan@r-fx.org>
inotifywait (C) 2007, Rohan McGovern <rohan@mcgovern.id.au>
This program may be freely redistributed under the terms of the GNU GPL
installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
cron.daily: /etc/cron.daily/maldet
maldet(32517): {sigup} performing signature update check…
maldet(32517): {sigup} local signature set is version 2010051510029
maldet(32517): {sigup} latest signature set already installed
Configure if need :
Open file /usr/local/maldetect/conf.maldet and make changes according to your needs:
nano /usr/local/maldetect/conf.maldet
configure it according to your needs. But before making any changes let’s have a detailed review of each option below.
- email_alert : If you would like to receive email alerts, then it should be set to 1.
- email_subj : Set your email subject here.
- email_addr : Add your email address to receive malware alerts.
- quar_hits : The default quarantine action for malware hits, it should be set 1.
- quar_clean : Cleaning detected malware injections, must set to 1.
- quar_susp : The default suspend action for users wih hits, set it as per your requirements.
- quar_susp_minuid : Minimum userid that can be suspended.
Now update the maldet ; To update the maldet use the below commands.
maldet -u or maldet -d
Scan all file and folders :
maldet --scan-all /home
How to scan a cPanel User :
maldet -a /home/username/To launch a background scan for all user’s public_html and public_ftp in all home directories, run the following command:
maldet -b –scan-all /home?/?/public_?
