Cyber Security – HostEONS – Best VPS, Dedicated Servers and Web Hosting

Firewall vs WAF: Which One Does Your Website Need?

hosteons August 6, 2025 Leave a Comment

When it comes to securing your website or VPS, two terms often come up: Firewall and WAF (Web Application Firewall). While they sound similar, they serve different purposes. Choosing the right one—or knowing when to use both—is crucial for protecting your applications and data from cyber threats.

In this article, we’ll break down the differences, benefits, and best use cases for Firewalls and WAFs.

✅ What is a Firewall?

A firewall is a network security system that filters incoming and outgoing traffic based on predefined rules. It operates at the network and transport layers (Layer 3 and Layer 4 of the OSI model).

What it does:

Blocks unauthorized access to your VPS or network
Controls which IP addresses, ports, and protocols can communicate
Prevents brute-force attacks and scans

Types of Firewalls:

Host-based (e.g., UFW, Firewalld)
Network-based (hardware or cloud)

Example: Blocking all ports except 80 (HTTP), 443 (HTTPS), and SSH.

✅ What is a WAF (Web Application Firewall)?

A Web Application Firewall protects web applications by filtering HTTP/S traffic. It operates at the application layer(Layer 7 of the OSI model) and is designed to prevent attacks like:

SQL Injection
Cross-Site Scripting (XSS)
File Inclusion Attacks
OWASP Top 10 vulnerabilities

How it works:

Analyzes HTTP requests before they reach your application
Blocks malicious patterns in URL, headers, or payload
Can be deployed as a reverse proxy (e.g., Cloudflare, AWS WAF)

✅ Firewall vs WAF: Key Differences

Feature	Firewall	WAF
Layer	Network (Layer 3/4)	Application (Layer 7)
Protection Focus	IPs, Ports, Protocols	HTTP/S requests and app vulnerabilities
Blocks	Unauthorized access, brute force	SQL Injection, XSS, Web Exploits
Deployment	Server or Network Level	Application or CDN Level

✅ Do You Need Both?

Yes, in most cases.

Firewall ensures your VPS isn’t exposed to unnecessary ports or traffic.
WAF adds another layer by inspecting HTTP/S traffic for malicious patterns.

Think of it like this:

Firewall = Lock on your front door
WAF = Security guard checking IDs at the entrance

✅ Best Practices for VPS Security

Enable a firewall on your VPS using UFW or Firewalld.
Install Fail2Ban to protect against brute-force attempts.
Use a WAF service like Cloudflare for application-layer protection.
Keep your apps and OS updated to avoid zero-day vulnerabilities.
Take regular backups for quick recovery.

✅ Hosteons VPS Security Advantage

At Hosteons, all VPS plans are designed for security:

Full root access to configure UFW, CSF, or any firewall
10Gbps network ports for fast, secure connectivity
Compatible with Cloudflare WAF and other security tools

👉 Explore plans:

Final Thoughts

A firewall and a WAF are not competitors—they complement each other. Use both to achieve comprehensive protectionfor your VPS and websites.

How to Protect Your VPS Against Ransomware Attacks

hosteons August 4, 2025 August 4, 2025 Leave a Comment

Ransomware attacks have become one of the most dangerous cybersecurity threats in recent years. These attacks encrypt your data and demand a ransom for its release, causing downtime, financial losses, and sometimes permanent data loss.

If you’re running a VPS, you are a target—but with the right security practices, you can significantly reduce the risk. In this guide, we’ll show you how to protect your VPS from ransomware attacks.

✅

What is Ransomware and Why Target VPS?

Ransomware is malicious software that encrypts your files or system, rendering them unusable until a ransom is paid. VPS servers are attractive targets because:

They often host business-critical applications
Many users fail to apply security updates
Weak configurations leave them exposed to attacks

Top Ways to Secure Your VPS from Ransomware

✅

1. Keep Your System Updated

Unpatched systems are the most common entry point for attackers.

Update your VPS regularly:

sudo apt update && sudo apt upgrade -y   # For Debian/Ubuntu
sudo dnf update -y                      # For CentOS/AlmaLinux

✅

2. Use Strong SSH Security

Disable root login
Use SSH keys instead of passwords
Change the default SSH port

Example:

PermitRootLogin no
PasswordAuthentication no
Port 2222

Restart SSH:

systemctl restart ssh

✅

3. Enable a Firewall

Limit access to essential ports only.

For Ubuntu/Debian:

sudo ufw allow 2222/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw enable

✅

4. Install Fail2Ban

Block brute-force attempts:

sudo apt install fail2ban -y    # Debian/Ubuntu
sudo dnf install fail2ban -y    # CentOS/AlmaLinux

✅

5. Use Real-Time Malware Protection

Install tools like ClamAV or Maldet to detect malicious files:

sudo apt install clamav -y

✅

6. Secure Web Applications

Keep CMS platforms like WordPress up to date
Use strong admin passwords
Install security plugins and WAF (Web Application Firewall)

✅

7. Enable Regular Backups

Backups are your best defense against ransomware. Even if your server is compromised, you can restore your data without paying a ransom.

Options:

Use Hosteons’ VPS backup service
Use remote backup tools like rclone or rsync

✅

8. Implement Principle of Least Privilege

Only give necessary access to users and apps. Avoid running unnecessary services.

✅

9. Monitor Your VPS

Set up monitoring tools like:

fail2ban logs
UFW logs
Host-based Intrusion Detection Systems (HIDS) like OSSEC

Hosteons VPS Security Features

All Hosteons VPS plans are built for security and performance:

KVM Virtualization for complete isolation
10Gbps Ports for high-speed secure connections
Full Root Access to configure your own security stack
IPv6 Ready
Affordable Plans starting at $2.99/month

👉 Order a VPS today:

Final Thoughts

Ransomware is a growing threat, but with regular updates, strong security practices, and backups, your VPS can stay protected. Don’t wait until it’s too late—secure your VPS now.

How to Secure a VPS Right After Deployment – Checklist for 2025

hosteons July 24, 2025 July 24, 2025 Leave a Comment

Deploying a VPS is the first step to building your online presence, hosting applications, or running business-critical services. But if you don’t secure it immediately after deployment, your server could become an easy target for hackers and automated bots.

Here’s a step-by-step security checklist for 2025 to harden your VPS from the start.

✅

1. Update Your System

Outdated packages and kernels are the biggest vulnerabilities.

Run these commands right after login:

sudo apt update && sudo apt upgrade -y   # For Ubuntu/Debian
sudo dnf update -y                      # For CentOS/AlmaLinux

✅

2. Create a New User and Disable Root Login

Never use the root account for day-to-day operations.

adduser youruser
usermod -aG sudo youruser

Edit the SSH configuration:

sudo nano /etc/ssh/sshd_config

Change:

PermitRootLogin no

Restart SSH:

systemctl restart ssh

✅

3. Set Up SSH Key Authentication

Passwords can be brute-forced. Use SSH keys instead.

Generate keys on your local machine:

ssh-keygen -t rsa -b 4096

Copy your public key to the VPS:

ssh-copy-id youruser@server_ip

Disable password login in /etc/ssh/sshd_config:

PasswordAuthentication no

Restart SSH again.

✅

4. Change the Default SSH Port

Bots scan port 22 for vulnerabilities. Change it to a non-standard port (e.g., 2222):

sudo nano /etc/ssh/sshd_config

Set:

Port 2222

Restart SSH:

systemctl restart ssh

✅

5. Enable a Firewall

Use UFW for Ubuntu/Debian:

sudo ufw allow 2222/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw enable

For CentOS/AlmaLinux (Firewalld):

sudo firewall-cmd --add-service=ssh --permanent
sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --add-service=https --permanent
sudo firewall-cmd --reload

✅

6. Install Fail2Ban

Protect against brute-force attacks:

sudo apt install fail2ban -y    # Debian/Ubuntu
sudo dnf install fail2ban -y    # CentOS/AlmaLinux

Enable and start Fail2Ban:

sudo systemctl enable fail2ban
sudo systemctl start fail2ban

✅

7. Disable Unnecessary Services

Check running services:

systemctl list-unit-files --type=service --state=enabled

Disable what you don’t need:

sudo systemctl disable service_name

✅

8. Enable Automatic Security Updates

On Ubuntu/Debian:

sudo apt install unattended-upgrades -y

On CentOS/AlmaLinux:

sudo dnf install dnf-automatic -y
sudo systemctl enable --now dnf-automatic.timer

✅

9. Install a Malware Scanner

Use ClamAV for basic malware scanning:

sudo apt install clamav -y

✅

10. Backup Regularly

Security is not complete without backups. Use tools like:

rsync
rclone
Cloud backups from your Hosteons VPS panel

Pro Tip:

Hosteons offers an Initial VPS Setup Script that secures your server instantly with best practices:

👉 GitHub Script

👉 Full Guide

Final Thoughts

Securing your VPS should never be an afterthought. With these 10 steps, you can minimize vulnerabilities and keep your server safe from evolving cyber threats in 2025.

🛡️ Ready to get started?

Order a reliable VPS now: Hosteons VPS Plans

Can You Stay Anonymous Online? Hosting with Crypto Explained

hosteons July 19, 2025 Leave a Comment

Online privacy is becoming more important than ever. Whether you’re a developer, business owner, or individual user, maintaining control over your identity and personal data is critical — especially in a world where surveillance, tracking, and data breaches are commonplace. One of the best ways to boost your privacy is by using cryptocurrency to pay for services like VPS or VDS hosting.

At HostEONS, we make anonymous hosting a reality. Here’s how.

Why Privacy Matters in Hosting

Most hosting providers require extensive personal details and perform strict verification checks, especially when payments are made through traditional gateways like credit cards or PayPal. For privacy-conscious users, that’s a red flag.

Common concerns include:

Exposure of personal identity
Data sharing with third parties
Risk of account suspension based on regional or political factors

How Crypto Payments Help You Stay Anonymous

Cryptocurrency allows you to make payments without linking your name, address, or banking details. When combined with a privacy-focused host like HostEONS, crypto makes near-anonymous hosting possible.

✅ No KYC (Know Your Customer) Checks

We do not require KYC for orders paid via cryptocurrency. You don’t need to submit ID, documents, or undergo verification — just place your order and start using your VPS or VDS.

✅ Wide Range of Crypto Supported

We accept:

Bitcoin (BTC)
USDT (TRC20 & ERC20)
Litecoin (LTC)
Ethereum (ETH)
Dogecoin (DOGE)
and many others via our crypto gateways

✅ No Questions Asked

Paying with crypto? We won’t ask why or for whom. You stay in control of your privacy and purpose.

How to Host Anonymously with HostEONS

Visit one of our product pages:
Select your plan and choose “Cryptocurrency” at checkout.
Pay using your preferred crypto wallet.
Get your VPS/VDS provisioned instantly (in most cases) with no identity verification.

Combine Crypto with Secure Practices

Using crypto is only part of the solution. For truly anonymous hosting, follow these best practices:

Use a secure, privacy-friendly email address
Avoid using personal domains that link to your identity
Secure your VPS with firewall rules, SSH keys, and fail2ban
Use VPN or Tor when accessing your control panel

Ideal for Developers, Privacy Enthusiasts, and Freedom Seekers

Whether you’re:

Running a private blog or forum
Deploying a VPN or proxy server
Hosting blockchain nodes or crypto projects
Or just prefer not to share your data…

HostEONS makes it easy to stay anonymous and in control of your online presence.

Get Started Today

Ditch the paperwork. Protect your privacy. Host on your terms.

🔐 Pay with crypto. No KYC. No questions asked.

Start here → https://hosteons.com

Top 5 Tips to Harden Your Linux VPS Against Attacks in 2025

hosteons June 24, 2025 Leave a Comment

In 2025, cyberattacks are more sophisticated than ever. Whether you’re hosting a personal project or critical business application, securing your Linux VPS is no longer optional—it’s essential. Thankfully, with just a few steps, you can drastically reduce your risk and keep your VPS locked down against the most common threats.

At Hosteons, we provide high-performance KVM VPS with root access, but security is a shared responsibility. Here’s how you can harden your VPS in minutes:

1. Use SSH Keys Instead of Passwords

Disable password login and use SSH key authentication for more secure, automated, and brute-force-resistant logins.

Steps:

Generate a key pair using ssh-keygen
Upload your public key to your VPS: ~/.ssh/authorized_keys
Disable password auth in /etc/ssh/sshd_config

👉 Read: Why You Should Use SSH Keys Instead of Passwords

2. Set Up a Firewall (UFW/iptables)

Block unnecessary ports to reduce your attack surface. Only open what’s required (e.g., 22 for SSH, 80/443 for web).

Example with UFW:

sudo ufw default deny incoming
sudo ufw allow 22
sudo ufw allow 80
sudo ufw allow 443
sudo ufw enable

3. Install and Configure Fail2Ban

Prevent brute-force attacks by banning IPs with too many failed login attempts.

Install Fail2Ban:

sudo apt install fail2ban

Create a jail for SSH and monitor logs like /var/log/auth.log or /var/log/secure.

👉 Full Fail2Ban Guide

4. Keep the System and Software Updated

Always run the latest security patches. Use tools like unattended-upgrades for automated updates.

Commands:

sudo apt update && sudo apt upgrade
sudo yum update

Outdated software is one of the most exploited vulnerabilities.

5. Monitor Login Attempts and File Changes

Install tools to track unauthorized access and suspicious activity.

Use auditd to track system events
Use logwatch or logcheck to scan logs for anomalies
Monitor /var/log/auth.log for failed logins

👉 Read: How to Monitor Login Attempts and File Changes on Your VPS

Bonus: Disable Root Login

Prevent direct root access by using a non-root sudo user instead.

In /etc/ssh/sshd_config:

PermitRootLogin no

Final Thoughts

Hardened servers are happy servers! With these 5 simple steps, you’ll block the majority of attacks targeting Linux VPS.

At Hosteons, we give you the control, performance, and reliability — now it’s your turn to secure it.

🔐 Ready to deploy a secure VPS?

👉 Explore Our KVM VPS

👉 Premium Ryzen VPS

How to Monitor Login Attempts and File Changes on Your VPS

hosteons June 11, 2025 Leave a Comment

When you manage your own VPS, keeping it secure goes far beyond setting up a strong password or using SSH keys. One of the most important — and often overlooked — tasks is monitoring login attempts and file changes.

If someone tries to brute-force their way into your server or modifies system files without authorization, you need to know immediately. In this post, we’ll walk you through simple tools and methods to keep an eye on your VPS security 24/7.

🔍 Why Monitoring Matters

Cyberattacks aren’t always obvious. Hackers often:

Try to gain access via repeated failed logins
Modify configuration files to install backdoors
Inject malicious code into websites or scripts
Use rootkits to hide their presence

By monitoring login attempts and file changes, you can detect suspicious activity early and prevent damage before it escalates.

🛡️ Monitor Login Attempts with

Fail2Ban

✅ What It Does:

Fail2Ban scans your log files (like /var/log/auth.log) and bans IPs that show signs of malicious behavior, such as too many failed login attempts.

🔧 How to Install:

sudo apt update && sudo apt install fail2ban -y

📂 Basic Configuration:

The main config file is located at:

/etc/fail2ban/jail.local

A sample rule to monitor SSH:

[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3

Fail2Ban automatically updates your firewall to block suspicious IPs.

🗂️ Monitor File Changes with

AIDE

(Advanced Intrusion Detection Environment)

✅ What It Does:

AIDE scans the file system and creates a baseline. It then alerts you when files are modified, added, or deleted.

🔧 How to Install:

sudo apt install aide -y

🛠️ Initialize the Database:

sudo aideinit
sudo cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db

📊 Run Regular Checks:

sudo aide --check

For automation, schedule this via cron and configure it to email alerts.

🔁 Real-Time File Monitoring with

inotify-tools

For lightweight, real-time file monitoring (e.g., for specific web directories), use inotify-tools.

🔧 Install:

sudo apt install inotify-tools -y

Example: Watch for changes in

/var/www/html

:

inotifywait -m -r /var/www/html

This tool is great for developers and sysadmins wanting immediate feedback on file activity.

✉️ Optional: Email Alerts for Login & File Events

Combine these tools with email notifications or integrate them with your external monitoring system (Zabbix, Prometheus, or even a simple bash + mail setup) for real-time alerting.

🧠 Best Practices

🔐 Use SSH keys instead of passwords
🔒 Disable root login via SSH
🚫 Change default SSH port
📉 Monitor logs daily or automate alerting
🧾 Keep audit trails and backups

💡 All Hosteons VPS & VDS Plans Support These Tools

Whether you’re using a Budget KVM VPS, Ryzen KVM VPS, or Ryzen 7950X VDS, all of these monitoring tools can be installed and configured quickly.

We offer full root access and support popular Linux distributions like Ubuntu, Debian, AlmaLinux, and CentOS — perfect for custom security setups.

🔒 Secure Your VPS Before It’s Too Late

Don’t wait until something goes wrong. Set up login and file monitoring today — and stay in control of your VPS.

Have questions? Need help setting it up? Reach out to Hosteons Support — we’re here to help!

Why You Should Use SSH Keys Instead of Passwords on Your VPS

hosteons June 7, 2025 Leave a Comment

When managing your VPS or Virtual Dedicated Server (VDS), security should always come first. While many users rely on traditional passwords for remote access, SSH keys offer a far more secure and convenient alternative.

At Hosteons, we strongly recommend using SSH key authentication to secure your VPS access — and here’s why.

🔐 What Are SSH Keys?

SSH (Secure Shell) keys are a pair of cryptographic keys used to authenticate with a remote server:

Public Key: Stored on your VPS (e.g., in ~/.ssh/authorized_keys)
Private Key: Stored securely on your local device (e.g., ~/.ssh/id_rsa)

When you try to connect, your device proves ownership of the private key — no need to transmit a password.

🚫 The Problem with Passwords

Easily guessed or brute-forced
Often reused across multiple accounts
Susceptible to phishing or keylogging
Require manual entry each time

If your password is weak or exposed, your server is vulnerable.

✅ Benefits of Using SSH Keys

1. Stronger Security

SSH keys are typically 2048-bit or 4096-bit, which are practically uncrackable by brute force.

2. No Password Transmission

No password is sent over the network, making it immune to interception.

3. Convenience

You can set up password-less login using your key, often combined with an SSH agent or passphrase.

4. Script-Friendly

Automated deployments and Git-based workflows rely on SSH keys for secure, non-interactive authentication.

5. Block Brute-Force Attacks

Once password authentication is disabled, bots and attackers can no longer guess credentials.

🛠️ How to Set Up SSH Key Authentication

Generate a Key Pair (on your local machine):

ssh-keygen -t rsa -b 4096

Upload the Public Key to Your VPS:

ssh-copy-id user@your-vps-ip

Or manually place the public key into ~/.ssh/authorized_keys
Disable Password Authentication:Edit /etc/ssh/sshd_config on your VPS:

PasswordAuthentication no

Then restart the SSH service:

systemctl restart sshd

🔒 Combine with Fail2Ban and Firewall

For maximum protection:

Use Fail2Ban to block repeated failed login attempts
Limit access to port 22 using UFW or CSF firewall
Change the default SSH port (optional)

🧠 Summary

Using SSH keys instead of passwords is one of the simplest yet most powerful steps you can take to secure your VPS or VDS.

At Hosteons, all our KVM VPS, Ryzen VPS, and Ryzen 7950X VDS plans support full SSH key authentication out of the box.

Take 2 minutes to set it up — and save yourself from countless security headaches.

🚀 Instantly Secure and Set Up Your VPS with Hosteon’s Initial VPS Setup Script

hosteons June 5, 2025 Leave a Comment

Managing a new VPS can be overwhelming, especially when starting with a fresh Linux installation. That’s why we at Hosteons created a smart, interactive script to help new VPS users quickly set up their server with best practices in place—regardless of whether you’re using Ubuntu, Debian, AlmaLinux, CentOS, or Rocky Linux.

🎯 What This Script Does

Our open-source script, initial_vps_setup.sh, automates essential initial tasks, including:

🔐 Creating a new sudo user
📛 Checking if the user already exists and giving the option to update sudo access
🧰 Installing basic tools (curl, wget, git, htop, unzip, etc.)
🧱 Enabling firewall with UFW or firewalld based on your distro
🔐 Optionally generating a secure SSH key pair (displays private + public key for user)
🚫 Option to disable root SSH login
✅ Sets correct permissions and groups

🛠️ Compatible with All Major Linux Distributions

Tested and supported on:

Ubuntu
Debian
AlmaLinux
CentOS
Rocky Linux

The script auto-detects your OS and executes distro-specific commands where needed.

📜 Easy to Use

Just log in as root on your new VPS and run:

curl -sL https://raw.githubusercontent.com/hosteons/Initial-VPS-Setup-Script-for-Linux/main/initial_vps_setup.sh | bash

You’ll be guided through a few interactive prompts—no manual file editing required.

💻 Example Output and Access Instructions

After setup, you’ll get:

Username and SSH access instructions
SSH key (if generated)
Sample sudo usage instructions like:

sudo apt update
sudo systemctl restart nginx

🔐 Why It Matters

Security First: Disabling root login and using SSH keys makes brute-force attacks significantly harder.
Consistency: Every VPS is provisioned the same way—ideal for sysadmins managing multiple servers.
Time-Saving: No need to copy-paste multiple commands or look up tutorials.

❤️ Built and Maintained by Hosteons

This script is built and maintained by the team at Hosteons as part of our effort to make VPS hosting smoother and safer for everyone.

💾 GitHub Repo:

👉 https://github.com/hosteons/Initial-VPS-Setup-Script-for-Linux

🔐 Automatically Install Fail2Ban with Smart Jail Detection on Your VPS (Script by Hosteons)

hosteons June 3, 2025 Leave a Comment

Here’s a complete WordPress blog post draft to promote your Fail2Ban Auto-Installer script from GitHub:

🔐 Automatically Install Fail2Ban with Smart Jail Detection on Your VPS (Script by Hosteons)

At Hosteons, we’re committed to making server security easier for everyone. Whether you’re running a small VPS or managing a fleet of Linux servers, protecting against brute-force attacks is critical.

That’s why we’ve created a Fail2Ban Auto-Installer Script that not only installs Fail2Ban but also auto-detects and enables jails for common services like SSH, Apache, and Nginx — all in one click.

👉 GitHub Repository:

https://github.com/hosteons/Fail2Ban-Auto-Installer-With-Jail

✅ Key Features

Installs Fail2Ban on Ubuntu, Debian, AlmaLinux, and CentOS
Detects installed services (e.g., sshd, nginx, apache) and enables jails accordingly
Skips jails for services not found on the system
Handles log file paths intelligently based on distro
Verifies and restarts Fail2Ban only if configuration is valid
Smart checks if Fail2Ban is already installed
Minimal and safe — logs errors clearly

🧠 How It Works

When you run the script:

It detects your Linux OS flavor.
Installs Fail2Ban (if not already installed).
Checks if apache, nginx, or sshd is active.
Adds only the appropriate jails with correct log paths.
Restarts Fail2Ban and confirms its status.
Provides clear output so you know it’s working.

This ensures Fail2Ban doesn’t fail due to missing log files or services — a common issue in manual configurations.

📥 How to Use

Download the script:

wget https://raw.githubusercontent.com/hosteons/Fail2Ban-Auto-Installer-With-Jail/main/fail2ban_auto_installer.sh
chmod +x fail2ban_auto_installer.sh
./fail2ban_auto_installer.sh

That’s it. The script handles the rest!

🚀 Need a Secure VPS?

This script runs perfectly on our KVM VPS and Ryzen VPS plans. Visit hosteons.com to explore secure hosting powered by NVMe SSD and DDoS protection — with native support for IPv6, WireGuard VPN, and more.

🔗 Related Resources

One-Click Linux Malware & Rootkit Scanner Using ClamAV and RKHunter

hosteons May 31, 2025 Leave a Comment

Secure Your Linux VPS in One Click with Our Rootkit & Malware Scanner

Running a VPS or dedicated server? One of the most overlooked but critical steps is making sure your system is free of rootkits and malware.

To simplify this task, we at Hosteons have released a free and open-source script that automatically installs, updates, and runs malware and rootkit scans using two of the most trusted tools in the Linux ecosystem:

ClamAV – an open-source antivirus engine
RKHunter – a rootkit scanner that checks for backdoors, local exploits, and suspicious files

🔧 What the Script Does

Detects your Linux distribution (Ubuntu, Debian, CentOS, AlmaLinux)
Installs ClamAV and RKHunter
Automatically updates malware and rootkit signature databases
Fixes common errors like WEB_CMD=”/bin/false” in RKHunter config
Runs full ClamAV scan
Executes a complete RKHunter rootkit check
Compatible with minimal or fresh VPS installations

📥 Download and Run

Run the following commands to download and execute:

curl -O https://raw.githubusercontent.com/hosteons/linux-malware-scanner/main/scan.sh
chmod +x scan.sh
sudo ./scan.sh

Or get the full packaged ZIP with README and LICENSE:

👉 Download from GitHub

📋 Output and Logs

ClamAV scan will output infected files (if any)
RKHunter will show warnings and potential issues
All actions run with user confirmation and are fully transparent

⚠️ Note

This script is non-destructive – it only scans and reports. It does not automatically delete or quarantine any files. Always review flagged files before taking any action.