We use cookies
We use cookies to optimize our website. By continuing to browse the site, you agree to our use of cookies.
New design
Control panel
  • Русский
  • Українська
  • English
  • UAH
  • USD
  • RUB
  • EUR
  • 0-800-307-307 Hotline
  • +38 (044) 392-74-33 Kiev
  • +38 (057) 728-39-00 Kharkiv
  • +38 (056) 794-38-31 Dnipro
  • +38 (032) 229-58-93 Lviv
  • +38 (048) 738-57-70 Odessa
  • +38(093) 170-15-42  Life
  • +38 (067) 400-88-44 Kievstar
  • +1(888)393-24-51  USA, Toll free
  • +44(131)507-01-14  Great Britain
  • +7 (499) 348-28-61 Moscow

2.18.7. PHP Antimalware Scanner

Note

The list of utility parameters can be viewed using the command amwscan -h or at GitHub.

The utility is installed on the hosting servers PHP Antimalware Scannerwhich allows you to check PHP files for malicious code and potential vulnerabilities. Utility path: /usr/local/bin/amwscan.

  1. Connect to hosting via SSH.
  2. Run the command:
    amwscan ~/example.com/www/

    In a team:

    • ~/example.com/www/ - the path to the directory to be scanned.

In the process of scanning in interactive mode, when threats are detected, you must select one of the proposed actions:

  • [1] Delete file - delete a file.
  • [2] Move to quarantine - quarantine.
  • [3] Dry run evil code fixer - run the application to remove the dangerous code. Not recommended
  • [4] Dry run evil line code fixer - run the application to remove dangerous code only in a potentially dangerous area. Not recommended
  • [5] Open with vim - open the file in Vim.
  • [6] Open with nano - open the file in nano.
  • [7] Add to whitelist - add the signature in this file to the whitelist.
  • [8] Show source - show the source (file).
  • [-] Ignore - skip the current file.
  1. Connect to hosting via SSH.
  2. Run the command:
    amwscan ~/example.com/www/ -r --path-report ~/amwscan-report/amwscan_report.html

    In a team:

    • ~/example.com/www/ - the path to the directory to be scanned.
    • -r - means that only scanning and report generation will be performed without making any changes to the files.
    • –path-report - means that the next argument is the path to the generated report.
    • ~/amwscan-report/amwscan_report.html - path to the generated report.

The scan will generate HTML-report with information about detected threats. The report can be downloaded and opened in any browser. The information in the report is for informational purposes only; all troubleshooting steps must be performed manually. Sample report: