Malware.Expert – Commercial ModSecurity Rules for use it ModSecurity or compatible Web Application Firewalls (WAF) and gives special tips for protection against malware attacks, namely bot network attacks. Also, we provide analysis on Linux releases, which are targeting threats that shared hosted environments can face.
Hosting providers suffer on a daily basis the consequences of the many security vulnerabilities found in commonly used CMSs such as WordPress, Drupal, and Joomla.
We provide protection against such kind of malware and bot network attacks even before customer patch their CMSs and before they get their website hacked while keeping the functionality of the website untouched.
Our Commercial ModSecurity rules working also with these control panels:
– DirectAdmin
– cPanel / WHM – (ModSecurity™ Vendors)
– Plesk
We started developing our rules back in 2015, and now they are protecting over 10 000 of our customer’s websites. Also, our rules protect against over 99,9% of the bot network generics attacks.
ClamAV SIGNATURES
PHP MALWARE
Malware Expert produces php signatures to help improve the ClamAV detection rate on PHP malware.
The signatures that we share are MD5 file hashes and HEX pattern matches. They are also easily exported to any number of detection tools such as ClamAV.
The driving force behind Malware Expert is that there is currently limited availability of open source/restriction free tools for Linux systems that focus on malware detection in PHP files.
Many of the ClamAV signatures that perform malware detection on Linux have a very poor track record of detecting threats, especially those made for shared hosted environments in mind.