Linux Malware Detect Question

Discussion in 'Security' started by xort, Feb 20, 2015.

  1. xort

    xort Member

    Hi,
    I had an issue a few days ago where df -i gave me 100% usage, caused by the existence of too many /usr/local/maldetect.bkxxxx directories.
    I had to delete the dirs manually in order to solve the problem.
    Is there any way to automatically delete those files? Should I use a cron job for that, or does maldetect have its own mechanism for deleting old dirs?

    Thanks!
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Hello :)

    Please keep in mind that it's a third-party application, so you may want to consult its documentation to see if it's possible to modify its retention configuration. Otherwise, yes, you should create a cron job that removes those directories if you determine they are not required.

    Thank you.
     
  3. xort

    xort Member

    Hey Mike,
    I sure did that but I haven't found a solution, so I thought to ask here and see how other cPanel users deal with it.
    It is obvious that a lot of people are using maldetect on cPanel servers and I really need to know how they deal with /usr/local/maldetect.bkxxxx directories.

    Thanks a lot!
     
  4. xort

    xort Member

    FYI,
    maldetect uses tmpwatch in order to remove quarantine/session/tmp data every 14 days.
    Well, in our system tmpwatch was not installed... :-/
     
  5. MilesWeb

    MilesWeb Well-Known Member
    PartnerNOC

    You can use the -p, --purge option, which clears logs, quarantine queue, session and temporary data.
     
    xort likes this.
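
A cron-driven cleanup of the kind suggested in this thread, as an added example that is not from any poster or from the maldetect project: it keeps the newest `maldetect.bk*` directories under `/usr/local` and removes the older ones that were consuming inodes. The function name, the retention count of two, the `DRY_RUN` switch and the script path in the cron comment are assumptions.

```sh
#!/bin/sh
# Added example (not from the thread): keep the newest KEEP maldetect.bk*
# directories under PARENT and remove the rest. Dry run unless DRY_RUN=0.
# Hypothetical cron use, assuming this file is saved as
# /root/prune-maldet-bk.sh with the call at the bottom uncommented:
#   30 3 * * 0  DRY_RUN=0 /bin/sh /root/prune-maldet-bk.sh

# The body is a subshell, so its variables and "exit" stay local to the call.
prune_maldet_backups() (
    parent="${1:-/usr/local}"
    keep="${2:-2}"
    removed=0
    n=0

    case "$keep" in
        ''|*[!0-9]*) echo "KEEP must be a non-negative integer" >&2; exit 2 ;;
    esac
    [ -d "$parent" ] || { echo "not a directory: $parent" >&2; exit 2; }

    # Collect real directories only; a symlink named maldetect.bk* is left alone.
    set --
    for d in "$parent"/maldetect.bk*; do
        if [ -d "$d" ] && [ ! -L "$d" ]; then set -- "$@" "$d"; fi
    done
    [ "$#" -gt "$keep" ] || { echo 0; exit 0; }

    # ls -t lists newest first; entries after the first KEEP are pruned.
    while IFS= read -r d; do
        n=$((n + 1))
        [ "$n" -gt "$keep" ] || continue
        if [ "${DRY_RUN:-1}" = "0" ]; then
            rm -rf -- "$d" && removed=$((removed + 1))
        else
            echo "would remove: $d" >&2
            removed=$((removed + 1))
        fi
    done <<EOF
$(ls -1dt -- "$@")
EOF
    echo "$removed"   # number of directories removed (or that would be)
)

# prune_maldet_backups /usr/local 2
```

Run it once with the default dry run and review the "would remove" lines before scheduling it with `DRY_RUN=0`; `df -i` before and after shows the inode effect.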