Find malware in a cPanel user account

by | Mar 29, 2023 | CPGUARD, Uncategorized, Web Application Firewall

What is malware in web hosting?

Malware is a generic term for any type of malicious software written specifically to harm a network, system, or user. In the web hosting domain, this usually means a back door, an injection, or a phishing kit that is uploaded to a user account and abuses the resources to distribute the attack. Mostly in a PHP web hosting environment, this happens due to a vulnerability in the web application or due to a compromised user password

Common impacts of malware-infected websites

 Once the account/website is infected, you may experience various issues like phishing content in the website, email spam originating scripts, scripts sending outbound attacks, server load spikes, etc. Such issues will eventually affect the reputation of your server IP address, and websites, and may cause abuse complaints as well. 

 How cPanel scanner engine can help to solve this?

We have developed cPGuard scanner engine to closely watch the file events under each account and scan them automatically. There are also daily and weekly scanner options to schedule the latest files ( which are enabled by default ) with the updated virus rules. That said, we constantly update the virus file detection rules and the scheduled scan will help to recheck the latest files with the updated rules set periodically.

Our scanner engine is carefully crafted specifically for Web Hosting PHP websites and it is one of the fastest, less resource-consuming scanners with the best results overall. 

How to detect malware under cPanel account using cPGuard manual scan

As mentioned already above, it is recommended to keep the automatic scanner turned on always for safer web space. If you detect any abuse on your account and want to scan files manually, you can do it either from the cPanel plugin or from the App Portal   

 1. From App Portal   , you need to go to the server on which the account is hosted,  go to Virus Scanner >> Manual Scan and there you can choose the account or enter the path to scan.

2. From cPanel , you can go to Security >> cPGuard and then you will have the option to scan your files.

Conclusion 

The cPGuard scanner is a very useful tool for web hosts and account holders to detect the malware files under their accounts. Together with the automatic files scanner, Web Application Firewall, IPDB Firewall, Reputation monitoring tools, etc cPGuard helps to keep all cPanel server safe and secure. 

Nibin V M

Nibin V M

Nibin V M

Is an experienced Linux System Analyst with over 15 years of experience in Web Hosting, Web Security and server management. Holding the extensive experience in the industry, Nibin helps to coordinate the operations and support at OPSSHIELD LLP
Nibin V M

Nibin V M

Nibin V M

Is an experienced Linux System Analyst with over 15 years of experience in Web Hosting, Web Security and server management. Holding the extensive experience in the industry, Nibin helps to coordinate the operations and support at OPSSHIELD LLP