Configure Maldet on a Linux server

How to configure Maldet on a Linux server?


Linux Malware Detect (LMD), also known as Maldet, is a malware scanner for Linux released under the GNU GPLv2 license. It is particularly effective at detecting PHP backdoors, darkmailers and many other malicious files that can be uploaded to a compromised website.

Installation

It is fairly easy to install if you know how to run commands in Linux.

cd /usr/local/src
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -zxvf maldetect-current.tar.gz
rm -f maldetect-current.tar.gz
# the extracted directory name carries the current version number
cd maldetect-*/
./install.sh


If you run the command maldet --help, you will find many options for scanning your server.

For example, if you want to scan the whole /home directory, you can run the following command.

maldet -a /home

If you want to scan only the public_html directories of all accounts on the server, you can run the following command. Maldet treats ? as its own wildcard in scan paths.

maldet -a /home/?/public_html

If you want to configure maldet to scan daily and send reports by mail, you can follow the procedure given below.

Open the maldet configuration file conf.maldet, which is generally found in the /usr/local/maldetect directory.

In this file, find email_alert and turn it on, then in the email_addr field enter your email address after the '='.

For example: email_addr="admin@hostingsupports.com"
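The two edits described above can also be scripted. This is an added example, not part of the original post or of the LMD project. The function names are hypothetical, it assumes the key="value" form shown above, and admin@example.com is a constructed address.

```shell
#!/bin/sh
# Added example: turn on LMD e-mail alerts by editing conf.maldet from a script.
# conf.maldet holds shell-style assignments (email_addr="..."), so the address
# is restricted to a safe character set before it is written into the file.

# Path as given on this page; pass another file to the functions to override.
MALDET_CONF=/usr/local/maldetect/conf.maldet

# valid_addr ADDR: accept only user@host.tld built from [A-Za-z0-9@._+-].
valid_addr() {
    case $1 in
        *[!A-Za-z0-9@._+-]*) return 1 ;;  # quotes, $, backticks, ;, spaces, |
        ?*@?*.?*) return 0 ;;
        *) return 1 ;;
    esac
}

# set_opt FILE KEY VALUE: rewrite KEY="VALUE" in place, or append if absent.
set_opt() {
    file=$1; key=$2; val=$3
    if grep -q "^${key}=" "$file"; then
        # cat back into the file so its owner and mode are left unchanged.
        sed "s|^${key}=.*|${key}=\"${val}\"|" "$file" > "$file.tmp" &&
            cat "$file.tmp" > "$file" && rm -f "$file.tmp"
    else
        printf '%s="%s"\n' "$key" "$val" >> "$file"
    fi
}

# enable_email_alerts FILE ADDR: back up FILE, then set both options.
enable_email_alerts() {
    file=$1; addr=$2
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    valid_addr "$addr" || { echo "rejected address: $addr" >&2; return 1; }
    cp -p "$file" "$file.bak" || return 2
    set_opt "$file" email_alert 1 && set_opt "$file" email_addr "$addr"
}

# Usage (as root): enable_email_alerts "$MALDET_CONF" admin@example.com
```

The previous configuration is kept as conf.maldet.bak next to the edited file.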

The default cron job for the daily maldet scan can be found at:

/etc/cron.daily/maldet

You can specify which directory you want scanned on a daily basis.



How to Uninstall or Remove Maldet?

You can remove every file created by maldet manually, but that is a difficult task. Instead, you can remove it simply by executing the uninstall.sh bash script as described below.

Move to /usr/local/maldetect
Then execute the uninstaller script,

./uninstall.sh

Uninstaller will ask for confirmation “Would you like to proceed?”. Enter “y” and press enter to remove maldet.


