How to install MALDET Linux Malware Detect on cPanel Server?

Maldet is a malware detector and scanner for Linux based servers a project designed by R-fx networks project. It can be installed on shared hosting servers like cPanel WHM and linux plesk servers which works along with Clamav tool.

1. Download & Install Maldet -

   cd /usr/local/src
   wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
   tar -xzvf maldetect-current.tar.gz


2. Go to the maldetect directory and run the installer script 'install.sh' as root:
   
     cd maldetect-1.5
   ./install.sh


3. Next, make a symlink to the maldet command in the /bin/ directory.

   ln -s /usr/local/maldetect/maldet /bin/maldet
   hash -r

 4. Configure Maldet, Install Nano editor if its not installed ( yum install nano ) -

    cd /usr/local/maldetect/
    nano conf.maldet


5. Enable email alert by changing the value to '1'.
  
    email_alert="1"


6. Set your email address .

    email_addr="root@24x7servermanagement.com"


We will use the ClamAV clamscan binary as default scan engine because it provides a high-performance scan on large file sets. If its not installed you can install it using ( yum -y install clamav clamav-devel ) then update using ( freshclam ) command.

7. Change value to '1' on line 114 - scan_clamscan="1"

8.  
Next, enable quarantining to move malware to the quarantine automatically during the scan process. Change value to '1' on line 180 - quarantine_hits="1"

9. Change value to 1 on line 185 to enable clean based malware injections - quarantine_clean="1"

10. Save and exit.


Use Real-Time Monitoring with Maldet for active monitoring.

The inotify monitoring feature is designed to monitor paths/users in real-time for file creation/modify/move operations. This option requires a kernel that supports inotify_watch (CONFIG_INOTIFY) which is found in kernels 2.6.13+ and CentOS/RHEL 5 by default.

There are three modes that the monitor can be executed with and they relate to what will be monitored, they are USERS|PATHS|FILES.
e.g: maldet --monitor users
e.g: maldet --monitor /root/monitor_paths
e.g: maldet --monitor /home/mike,/home/ashton

Was this answer helpful?

 Print this Article

Also Read

How to backup single MySQL table?

Backup single MySQL table using shell command and phpMyAdmin 1. Creating dump file -...

How to manually resend notification to user whose disk quota has exceeded on cPanel server?

There are always instances on the cPanel server where some clients want to temporarily increase...

Error displaying the error page: The cachelite Cache Storage is not supported on this platform. (Joomla error)

While accessing the Joomla site, I was getting error as - Error displaying the error page: The...

How to add/remove the trailing slashes in URLs using the .htaccess?

You can use the below code in the .htaccess file depending on the trailing slash required or not...

How to install Let's Encrypt free SSL plugin on cPanel server?

Let's Encrypt plugin allows automated SSL certificate for those account which do not have valid...

Powered by WHMCompleteSolution