Websites should be scanned regularly for malware. Jack Wallen demonstrates how to do this on Linux with ISProtect.
If you are a website administrator, you know how important it is to keep your sites free of malware. After all, you don’t want to serve malicious code to unsuspecting users. So what do you do Do you rely on a simple malware scanner and expect it to be able to scan specific document types for your web server’s document route (or your site’s data directory)? And what if your websites are served on the Linux platform (which they probably are)?
If it sounds like a scenario suitable for your general use, there is a very simple, command-line tool that you can go to… ISPPprotect.
Views: Password Violation: Why Pop Culture and Passwords Don’t Mix (Free PDF) (TechiePublic)
ISPPprotect is a malware scanner designed specifically for web servers and is capable of scanning for malicious files on all types of sites (including the likes of WordPress, Xoops, Joomla and Drupal). Features of this scanner:
- Signature-based and heuristic malware scanning.
- May reveal unsafe installation directories that should be removed.
- Releases older WordPress plugins.
- MySQL database checks for malicious content.
ISPPprotect is not free. You can use it on a trial basis, but in the end, you need to buy a per-scan license or an annual license. You can buy “packs” of scans (5, 10, 25, 50, 100) or you can buy an annual license for about $ 92. Find out more about the cost on the ISPPprotect price page.
I am going to take you through the process of installing and using ISPPprotect in AlmaLinux.
What you will need
All you need is a running example of AlmaLinux (I will assume you also have a web server running) and a user with pseudo facility. Let’s protect those sites by hand.
How to install ISPPprotect
The first thing we’re going to do is install the dependency. Log in to AlmaLinux and install these packages:
sudo dnf install php php-curl clamav -y
If you use an Ubuntu-based server distribution, the command to install dependencies will be:
sudo apt-get install php7.4-cli php7.4-curl clamav -y
Switch with admin user with:
Next, we’re going to create a directory to hold the software:
mkdir -p /usr/local/ispprotect
Appropriately allow that new directory with the following commands:
chown -R root:root /usr/local/ispprotect
chmod -R 750 /usr/local/ispprotect
How to download and install ISProprotect
Make changes to the newly created directory with:
Download ISPPprotect with the command:
Unpack the archive file with:
tar xzf ispp_scan.tar.gz
Finally create a link to the executable binary with the command:
sudo ln -s /usr/local/ispprotect/ispp_scan /usr/local/bin/ispp_scan
How to use ISPprotect
To initiate a scan, issue the command:
You will see the ISPPprotect welcome screen (Figure A)
You will then be asked to enter a license (Figure B) Since we are using it as a trial, type Trial And press Enter on your keyboard.
The scanner will then ask for a way to scan. You should either enter the web server document route (e.g. / var / www) or enter a directory housing data for your site. Once you’ve done that (Figure CPress Enter to start the scan.
When the scan is complete, it will report to you if anything suspicious is found. Should it find anything, you should do it immediately.
A word of caution. The trial license gives you only one scan, so use it wisely. If, after trial, you find that ISProprotect is suitable for your needs, buy a license and scan arbitrarily.
You have it, you have scanned your web server for malicious files using a simple, command-line tool. Enjoy.
Subscribe to TechRepublic How to do tech work on youtube From Jack Wallen to Business Professionals for all the latest technology advice.