AntiVirus Integration for WebServer

We have a large array of websites (mostly WordPress) hosted on many different servers and most of them are shared servers.  

From server logs we can see many unexpected/malicious attempts to hack our websites. We already have File Monitoring in place. Now we wish to remotely scan our web server files using a open source or Free AV like ClamAV.

May anyone suggest how can we scan new files on web server using FTP access?  Is this possible with any free AV and if not what are the best possible alternates available?

Also suggest what are the best open source/free AV available which make sense for website malware scanning because most of AV products are targeted for desktop scanning.

I know there is an PHP extension available for ClamAV but we cannot put AV on these servers hence that option is not available.
ymalik_indiaAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Muhammad MullaSystems AdministratorCommented:
It may perhaps be better to take a different approach. If you're seeing attempted hacks/attacks, then consider an intrusion protection system / better firewall solution in front of all your servers, alongside any AV protection that you have in place.

A multi-pronged approach always seems to be better for security.

I would also say, although it should go without saying, that you should ensure that your underlying OS should be kept up to date and patched.
ymalik_indiaAuthor Commented:
The problem is that these are shared hosting servers on that we cannot install anything. Secondly most of such attacks are targeted on application layer exploiting application vulnerabilities (e.g. outdated WordPress plug-in/themes) which are not detected by firewall or IPS.
David Johnson, CD, MVPOwnerCommented:
there isn't much you can do except backup your data regularity and ensure that it is always kept up to date.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Spyware

From novice to tech pro — start learning today.