How to Install and Configure Linux Malware Detect on Your Server

A few weeks ago, I helped a friend who ran a small online store. One day, his site was suddenly slow and acting weird. After checking around, we found some strange files hidden in the server. A hacker had uploaded malware. My friend asked, “How do I stop this from happening again?” That’s when I told him about Linux Malware Detect.

In this post, I’ll show you how to install and set it up yourself. It’s not hard, and it gives you peace of mind.


What Is Linux Malware Detect?

Linux Malware Detect (or LMD for short) is a free tool. It scans your Linux server for malware. It finds bad files, backdoors, and scripts that hackers use to take over your system.

It works well with shared hosting and web servers. I’ve used it on many sites, especially WordPress.

Some people call it Maldet, short for “Malware Detect.”

You can even set it to scan files daily and send you alerts.


Why Should You Use It?

You might think, “I don’t need this. My site is small.” But hackers don’t care. They often attack small websites because they’re easy targets.

With LMD, you can:

  • Catch malware early
  • Remove infected files safely
  • Monitor your site in real time

It’s like having a guard dog for your server.


What You Need Before You Start

To follow this guide, you should:

  • Have a Linux server (like Ubuntu or CentOS)
  • Have sudo or root access
  • Be able to use the terminal

If you don’t have a server yet, you can try this on a test machine first.


Step 1: Download and Install Linux Malware Detect

First, open your terminal and switch to the /usr/local/src folder:

cd /usr/local/src

Now download the latest version of LMD:

sudo wget https://www.rfxn.com/downloads/maldetect-current.tar.gz

Next, extract the file:

sudo tar -xzf maldetect-current.tar.gz

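Go into the extracted folder (the trailing slash makes the pattern match only the folder, not the .tar.gz file sitting next to it):

cd maldetect-*/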

Now run the install script:

sudo ./install.sh

After a few seconds, it will say something like “Installation completed.”

You can check the version like this:

maldet --version

Step 2: Update Malware Signatures

Signatures are like a list of known bad files. LMD uses them to find malware.

To update them, run:

sudo maldet -u

This keeps the tool ready to detect the latest threats.


Step 3: Run a Manual Scan

Let’s try scanning a folder. For example, scan your web root folder:

sudo maldet -a /var/www/html

The -a option means “scan all files in this path.”

This might take a while, depending on how many files you have. When it’s done, you’ll see a scan ID like:

SCANID: 050524-1234.5678

You can check the results with:

sudo maldet --report 050524-1234.5678

Replace the scan ID with the one you got.


Step 4: Configure LMD Settings

Now let’s set it up to scan automatically.

Open the config file:

sudo nano /usr/local/maldetect/conf.maldet

You’ll see lots of options. Some useful ones:

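  • email_alert="1" → turns on email alerts
  • email_addr="you@example.com" → your email address (placeholder, use your own)
  • quarantine_hits="1" → quarantine infected files (named quar_hits in older releases)
  • quarantine_clean="1" → try to clean files automatically (named quar_clean in older releases; only works when quarantine is turned on)
  • scan_clamscan="1" → use ClamAV if it’s installed (faster scans)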

After editing, save and exit (CTRL+O, ENTER, then CTRL+X).
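
A quick way to check the result of Step 4, as an added example that is not part of the original post or of LMD: a small audit of a conf.maldet-style file. It accepts both the quarantine_hits/quarantine_clean names and the quar_hits/quar_clean spellings; the function names, messages and the placeholder domains it flags are assumptions of this example.

```shell
# Added example (not part of LMD): audit a conf.maldet-style file against Step 4.

# conf_get FILE KEY...: value of the last uncommented KEY="value" line,
# trying each KEY spelling in turn (current name first, then the older one).
conf_get() {
    file=$1; shift
    for k in "$@"; do
        v=$(sed -n "s/^[[:space:]]*$k=\"\([^\"]*\)\".*/\1/p" "$file" | tail -n 1)
        if [ -n "$v" ]; then printf '%s\n' "$v"; return 0; fi
    done
}

# lmd_conf_audit FILE: findings go to stderr, the number of warnings to stdout.
lmd_conf_audit() {
    conf=$1; n=0
    hits=$(conf_get "$conf" quarantine_hits quar_hits)
    clean=$(conf_get "$conf" quarantine_clean quar_clean)
    alert=$(conf_get "$conf" email_alert)
    addr=$(conf_get "$conf" email_addr)
    if [ "$hits" != 1 ]; then
        echo "WARN quarantine is off: detected files stay where they are" >&2; n=$((n + 1))
    fi
    if [ "$clean" = 1 ] && [ "$hits" != 1 ]; then
        echo "WARN cleaning is on but quarantine is off, so nothing is cleaned" >&2; n=$((n + 1))
    fi
    if [ "$alert" != 1 ]; then
        echo "WARN email_alert is off: scheduled scans report to nobody" >&2; n=$((n + 1))
    fi
    case $addr in
        ''|*@example.com|*@domain.com)   # assumed placeholder domains
            echo "WARN email_addr '$addr' is empty or a placeholder" >&2; n=$((n + 1)) ;;
    esac
    if [ "$(conf_get "$conf" scan_clamscan)" != 1 ]; then
        echo "INFO scan_clamscan is off: ClamAV is not used for scans" >&2
    fi
    echo "$n"
}

# Constructed sample config, so the example runs on its own.
sample_conf=$(mktemp)
cat > "$sample_conf" <<'EOF'
# email_alert="1"
email_alert="0"
email_addr="you@example.com"
quar_hits="0"
quarantine_clean="1"
scan_clamscan="1"
EOF
echo "warnings: $(lmd_conf_audit "$sample_conf")"
rm -f "$sample_conf"
```

On a real server, point it at the file from Step 4: lmd_conf_audit /usr/local/maldetect/conf.maldet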


Step 5: Set Up Daily Scans (Optional but Useful)

Let’s add a daily scan using cron, a tool that runs tasks on a schedule.

Open your root crontab:

sudo crontab -e

Add this line at the bottom:

@daily /usr/local/maldetect/maldet -a /var/www/html

This tells your server to scan /var/www/html every day.

If you want email reports, make sure email is set up on your server.
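
Steps 3 and 5 combined, as an added example that is not from the original post or the LMD project: helpers for a cron wrapper that pull the scan ID and hit count out of captured scan output. The summary-line format is an assumption, shown in the constructed sample, and the function names are this example's own.

```shell
# Added example (not part of LMD): read captured `maldet -a` output so a cron
# job can react only when something was found or the scan did not finish.
# Assumption: summary lines look like the constructed sample at the bottom.

# scan_id TEXT: first token shaped like the scan ID shown in Step 3.
scan_id() {
    printf '%s\n' "$1" | grep -Eo '[0-9]{6}-[0-9]{4}\.[0-9]+' | head -n 1
}

# scan_hits TEXT: number after "malware hits"; empty if no summary line exists.
scan_hits() {
    printf '%s\n' "$1" | sed -n 's/.*malware hits \([0-9][0-9]*\).*/\1/p' | head -n 1
}

# triage TEXT: prints 0 = clean, 1 = hits found, 2 = no summary (scan failed).
triage() {
    hits=$(scan_hits "$1")
    if [ -z "$hits" ]; then echo 2
    elif [ "$hits" -gt 0 ]; then echo 1
    else echo 0
    fi
}

# Constructed sample output (not captured from a real scan).
sample_out='maldet(5678): {scan} scan completed on /var/www/html: files 412, malware hits 2, cleaned hits 0, time 31s
maldet(5678): {scan} scan report saved, to view run: maldet --report 050524-1234.5678'
echo "scan $(scan_id "$sample_out") triage=$(triage "$sample_out")"

# In the cron job the text would come from the real command, for example:
#   out=$(/usr/local/maldetect/maldet -a /var/www/html 2>&1)
#   [ "$(triage "$out")" = 0 ] || maldet --report "$(scan_id "$out")"
```

Treating a missing summary line as its own result keeps a scan that died halfway from being read as a clean one.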


Bonus: Use LMD with ClamAV

ClamAV is another antivirus tool. It works well with LMD.

To install it:

On Ubuntu:

sudo apt install clamav clamav-daemon

On CentOS:

sudo yum install epel-release
sudo yum install clamav clamav-update

Once installed, LMD will use it to scan faster.


Troubleshooting Tips

If something doesn’t work, try these:

  • No reports show up? Use sudo maldet --report list to see all reports.
  • Email not working? Check if your server has mail configured.
  • Scan takes forever? Use ClamAV or scan smaller folders.

Useful LMD Commands

Here are some simple commands I use often:

  • Update signatures: sudo maldet -u
  • Scan folder: sudo maldet -a /path/to/folder
  • Check reports: sudo maldet --report SCANID
  • Restore file from quarantine: sudo maldet --restore /path/to/file

And if you want to clear old quarantine files (this also clears LMD’s logs, session and temporary data):

sudo maldet --purge

Summary of What You Did

You just:

  • Installed Linux Malware Detect
  • Scanned your server for malware
  • Set up automatic scans
  • Learned how to read reports and alerts

That’s a big step in securing your server.


Why I Trust LMD

I’ve used LMD for years on both personal projects and client sites. It’s saved me many times.

Once, I found a hidden backdoor in a WordPress plugin using LMD. It was disguised as a regular PHP file. If I hadn’t scanned the server, I never would’ve noticed it.

Other tools can do similar things, but I like LMD because:

  • It’s free
  • It works well with real-world web servers
  • It’s easy to use from the terminal

When Should You Run a Scan?

Try scanning:

  • After you upload new files
  • After installing new plugins or themes
  • Once a day, or once a week with cron
  • Whenever your site acts weird

Two Quick Lists Before You Go

Good Habits for Safe Servers:

  • Keep backups
  • Run updates regularly
  • Limit who can upload files
  • Use tools like LMD and ClamAV

Bad Signs to Watch For:

  • Slow websites
  • Strange files in uploads folder
  • Unexpected logins or new users
  • PHP files that don’t belong

Final Thoughts

Keeping your server clean is just like cleaning your room. If you wait too long, things pile up and problems grow.

Linux Malware Detect helps you stay ahead of threats. It’s simple, free, and useful.

Do you have it running already? If not, why not try it today?
