To check, you can use any software, for example PHP-Antimalware-Scanner, which is great for scanning files with PHP scripts and more.
Here is a short guide to using PHP-Antimalware-Scanner. For more detailed instructions, you can read the author's documentation
Please note that installing and using additional software requires ssh access to the server, so this option is available to users of eVPS tariffs, dedicated servers "+ Smart panel", and cloud and dedicated servers. If you have the tariff package "Mini", "Site", "Portal" - to scan files for virus code, please write a request to technical support.
Before use: please note that there are automatically created backups of your site using the instructions Our system automatically creates backup copies of your site every night, and you can access them from the control panel, where you can manually restore the site files from the last 10 days of backups. If you need to restore data from older backups, you can contact our technical support. Our experts will assist you in restoring site files for the last 21 days.
How to check the site for viruses and malicious code?
Step 1. First you need to set up ssh access and connect via SSH
Step 2. Download the program file by going to the directory of your site in the command line (terminal) and executing the following command:
wget https://raw.githubusercontent.com/marcocesarato/PHP-Antimalware-Scanner/master/dist/scanner —no-check-certificate
Step 3. To start the process of checking the site for viruses, while in the directory of your site, execute the command:
php scanner ./ -r --path-report ./virusscan.html
but if you have an active PHP version on the site 5.6 and below, we recommend running the scanner under a higher PHP version, for example
php7.4 scanner ./ -r --path-report ./virusscan.html
where
php7.4 is the use of PHP version 7.4 specifically to run the scanner
./ is a scan of the directory in which we are located
-r - report only scan mode without checking and removing malware
./virusscan.html — save the results in the directory where you started the scan, in the virusscan.html file. If you were in the directory of your site, the result will be available to you via the link: https://YOUR-SITE.COM/virusscan.html Provide these results to your administrator or security professional for analysis and remediation of virus code, if present.
General recommendations
In addition to checking your site for viruses, there are other important steps you can take to keep your website safe.
We recommend the following actions:
- Ensure that your content management platform (CMS), themes, plugins and other components are always updated to the latest versions.
- Apply only official software versions and get updates from trusted sources.
- Use only strong and complex passwords.
- It is also recommended to download backups periodically via FTP for example using FileZilla to your local computer or to another resource.