scan for malware, viruses and php eval based infections

In order to keep the linux server as safe as possible I wrote two quick bash scripts that will scan for infected files and then send me an email report to take action.

On the server I have centos with whm/cpanel and as antivirus I use clamav. In order to scan the home directories I use:

now there is another possibility that some php scripts will have something like:

In the above case the antivirus won’t detect the threat.

To overcome this I created a script that will scan the home directory for scripts containing a certain pattern. Then I manually check them to see if everything is ok

You can also directly download your files and then enter them in cron like described bellow
base64eval_scan
antivirus_scan

And now the cron:

then add for the last two lines:

Don’t hesitate to let me know if this helped you in some way and of course any improvements / suggestions you may have.

Thank you!