A Short Guide to Identifying and Removing Malware on cPanel Websites and Servers
One of the more pressing security issues for system administrators and website owners that use cPanel servers is the possibility of malware attacking their hardware or websites. This type of hostile or intrusive software is being used to collect private information. Gone are the days when malware was used merely as a way to advertise or promote a product or service.
Moreover, advanced malware has become hard to detect. System administrators will probably only find out about the malware after it has successfully attacked or compromised the servers. This is far from the malware of previous years which can be blocked from the start, and prevent them from compromising the servers.
But if you are a newbie system administrator, or you are doing the monitoring for your website, how can you check if your site or server has malware? And how can you get rid of it?
Checking for malware
For website owners, the easiest and quickest way to checking if their website has been compromised is to go to http://www.google.com/safebrowsing/diagnostic?site= domain name.
The page should show a warning if the website listed indeed has malware.
For server administrators, there are different tools on cPanel that can detect malware infection. These include Quick Security Scan, Security Advisor, and ClamAV. These tools can also advise users how to get rid of the malware from the server.
To run Security Advisor on a Web Host Manager, simply click Home then Security Center and then go to Security Advisor. This will run a security scan on the server, and recommend steps to resolve security issues.
Website owners and system administrators can also turn to Background Process Killer. It can be accessed by clicking Home, then System Health, and then Background Process Killer. The said feature allows users to choose processes that the system will turn off. An email notification is then set to the user after the system terminates a process.
cPanel also features a ClamAV scanner, a top antivirus software toolkit. This program can be run by clicking Home, then Plugins, and then Configure ClamAV Scanner. When enabled, it searches for malicious programs and flags any files containing malicious software on the cPanel server.
Third party tools such as MycPAdmin can also be used to check malware intrusion or attacks.
It is difficult to remove malware from a website manually. The use of an automated application such as SiteLock Essential can help in removing software that has compromised a website’s files. The said tool uses SMART scan technology that can find and remove malware.
Website owners who have been attacked by malware should change their passwords immediately. The use of strong passwords is highly recommended. Strong passwords should have at least 8 characters and using a combination of letters, numbers, and symbols.
The ideal password should also not use dictionary words. It must not also contain personal information of the user.
Malware may have become more advanced in the past few years, but this doesn’t mean that these malicious files are impossible to contain. With the help of cPanel server monitoring tools, malware can be removed quickly.