Having administered dedicated boxes for a number of years, I have been lucky to only have a few instances where a script/php has compromised a system. They were usually caught fairly quickly due to a number of tools and vigilant monitoring, and have yet (fingers crossed) to cause any downtime. I am looking into another product to help detect malware during its upload to prevent issues, as I will be enabling (http/php based) FTP uploads again for a CMS product. Past problems were based on the same CMS system, and caused me to disable FTP server-wide. This is somewhat inconvenient, and I am looking to enable FTP uploads on a per-site basis, but want to ensure protection server-wide.

Rfxn, famous for APF and BFD scripts, has one called maldetect. It can check files on upload, and if they meet malware definitions it can quarantine them. It also scans the system using cron, and can be run from CLI.

Has anyone had any experience with this tool? Does it play well with cPanel?

I will be diving into this later today, and will be sharing my experiences, but I am curious if others have already ventured down this road.
