NonComposMentis
asked on
How do I find infected files in a Unix account
Greetings Experts
Does anyone know of a server side application that I wouldn't need server-admin permissions to install, and that will scan my account for malware without interfering with the operation of my account? All I am interested in is a list of problem files. My web host will happily provide this service, then issue an ultimatum (but no further offers of assistance) if they find something. They also offer SiteLock which, as the name implies, locks your site -- not what I want either. Again, just give me the list and let me deal with that. Thank you.
I have two main WordPress websites under my one master account, so a WordPress based solution is possible, but not necessarily what I'm looking for. I'm pretty sure my host didn't use WordPress to scan my site when they did it. The most important of the two is poppersinversion.org, which now stands with WordPress 4.2.2 and Theme X v4.0.4. You can get information about the php installation at http://www.poppersinversion.org/test/phpinfo.php
BTW, I did find and read https://www.experts-exchange.com/articles/10806/Detecting-Recovering-From-and-Preventing-WordPress-Site-Hacks.html . Great stuff, which I will use, but not what I'm asking for here.
Thank you.
Does anyone know of a server side application that I wouldn't need server-admin permissions to install, and that will scan my account for malware without interfering with the operation of my account? All I am interested in is a list of problem files. My web host will happily provide this service, then issue an ultimatum (but no further offers of assistance) if they find something. They also offer SiteLock which, as the name implies, locks your site -- not what I want either. Again, just give me the list and let me deal with that. Thank you.
I have two main WordPress websites under my one master account, so a WordPress based solution is possible, but not necessarily what I'm looking for. I'm pretty sure my host didn't use WordPress to scan my site when they did it. The most important of the two is poppersinversion.org, which now stands with WordPress 4.2.2 and Theme X v4.0.4. You can get information about the php installation at http://www.poppersinversion.org/test/phpinfo.php
BTW, I did find and read https://www.experts-exchange.com/articles/10806/Detecting-Recovering-From-and-Preventing-WordPress-Site-Hacks.html . Great stuff, which I will use, but not what I'm asking for here.
Thank you.
ASKER
I don't have physical access to the server, so the USB stick wouldn't work. The linked post was for a "rescue disk" on a USB stick. Fortunately, I have backups to serve that purpose. What I don't have is any knowledge of what malware files may be on my account. Sadly, as I explained, I can't just ask my web host provider.
I was hoping somebody knew of an elaborate php script or something. I'll admit it was a bit far-fetched.
I was hoping somebody knew of an elaborate php script or something. I'll admit it was a bit far-fetched.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks, Ray. It never actually occurred to me to switch. I just assumed that once you left wordpress.org or wordpress.com and got your own domain name, any host would be as jumpy about malware. I would be if I were a web host! But they certainly could be more helpful.
After I originally wrote my question above, but before I posted it, they came up with a new malware scanning service for clients who don't have SiteLock. Problem is I don't know how I am counted. I have SiteLock, I just don't have it turned on. I think I just need to bite the bullet and call them.
After I originally wrote my question above, but before I posted it, they came up with a new malware scanning service for clients who don't have SiteLock. Problem is I don't know how I am counted. I have SiteLock, I just don't have it turned on. I think I just need to bite the bullet and call them.
ASKER
This question has been out there for a while, and it doesn't look like the answer I'm looking for is forthcoming. However, Ray suggested a solution I hadn't thought of (switching hosts) and gave a set of references which I'm finding helpful (including hosts to switch to).
http://www.pendrivelinux.com/put-bitdefender-rescue-cd-on-a-usb-flash-drive/