Best Anti Virus software for linux centos cPanel/WHM

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
Hello,

can you guys let me know Best Anti Virus software for linux centos cPanel/WHM ???

Please don't suggest me ClamAV its really poor, recently our client's website got Hacked by the hackers & i scanned that website to check how many pages are infected, but ClamAV says website is OK
 

ChrisFirth

Active Member
PartnerNOC
Apr 10, 2008
35
0
56
cPanel Access Level
DataCenter Provider
What exactly are you after?

Quite often when sites get hacked it is just an iframe to another site thats added (with or without varying levels of obfuscation to hide it) or the .htaccess file is modified to redirect traffic - ClamAV will not detect this sort of thing as its not what it is designed to do. For those cases file integrity monitoring is a good start so you get notified for any files that are modified.
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
40
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
If the issue is the type of defacement ChrisFirth mentioned, the best idea would be to install mod_security in WHM > EasyApache (Apache Update) in the Apache Short Options List. mod_security can help to detect some malicious attempts to hit sites. It isn't fool proof, but it can help to reduce hacking incidents.
 

jerrybell

Well-Known Member
Nov 27, 2006
90
0
156
The big issue I think you'll find is that AV is largely aimed at detecting Windows viruses, not detecting encoded iframes/javascript. Having said that, isn't this what the configserver exploit scanner is geared at doing? (ConfigServer eXploit Scanner (cxs)) I have no idea of how well it works, but their other stuff seems to be good and it claims to do what you're wanting.
 

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
If the issue is the type of defacement ChrisFirth mentioned, the best idea would be to install mod_security in WHM > EasyApache (Apache Update) in the Apache Short Options List. mod_security can help to detect some malicious attempts to hit sites. It isn't fool proof, but it can help to reduce hacking incidents.
Hi Tristan

Yes, EasyApache is already installed & updated though many sites were Hacked, isn't there way to stop hacking ??
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
40
248
somewhere over the rainbow
cPanel Access Level
Root Administrator
Do you mean mod_security is already installed? EasyApache is always installed onto a cPanel server, so I'm just clarifying what was meant here.

There's no way to totally stop hacking attempts. We'd need more details on what was specifically hacked.
 

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
yes, mod_security is already installed, many website's got hacked, especially *.php and *.html pages

Do let me know what do you need more details on hacked. ?
 

NixTree

Well-Known Member
Aug 19, 2010
413
5
143
Gods Own Country
cPanel Access Level
Root Administrator
Twitter