Current version of the Antivirus check files in website folders but does not scan database or website pages so we’d also recommend checking websites using free online scanner – ReScan.Pro. It will detect security issues which the Revisium Antivirus cannot detect.
For Server Admins
If you suspect the fact of server compromise we recommend to do the following steps immediately:
- change the root user credentials and disable SSH and FTP connection for other users before the comprehensive analysis of server security is done;
- check the auth/security logs in the /var/logs for unauthorized connections;
- scan the /tmp, /var/tmp and the folders staring from /home or /var/www for malware using free command-line malware scanner AI-BOLIT and check them for unusual files such as linux binaries and sources or per/php scripts outside the doc root folders;
- check for the suspicious (usually, “long-term”) background processes in the “top” / “htop” / “ps auxww”;
- check for the suspicious external connections in the “netstat”.
Or just order professional server security analysis and malware clean up service at Revisium.