Search Our Database
How to Scan for Malware in Linux using AI-BOLIT
Introduction
AI-BOLIT is a popular tool that helps you detect vulnerabilities and malicious files on your website. This guide walks you through the steps to download, install, and run the AI-BOLIT scanner on your web server.
Prerequisites
- SSH access to your server
- Root or sudo privileges
Step 1: Accessing Your Server
To begin, access your server via SSH. Once logged in, navigate to the directory one level above your document root. For example:
cd /home/<username>/domains/<domain>/
Replace <username> with your server’s username and <domain> with your website’s domain name.
Step 2: Installing Links (Command-Line Browser) & Downloading the AI-BOLIT Scanner
Download AI-BOLIT scanner by using links. If you don’t have it installed, you can install and run it using the following commands:
yum -y install links links https://revisium.com/aibo
This will allow you to access the AI-BOLIT website through your server’s command-line interface. Navigate to Download Free and press enter to download the AI-BOLIT scanner.
Accept the prompt by selecting Save.
Press CTRL + C to exit links once you have downloaded the file.
Step 3: Extracting the AI-BOLIT Files
After downloading the zip file, extract its contents using the unzip command:
unzip ai-bolit-en.zip cd ai-bolit
Step 4: Running AI-BOLIT in a Screen Session
Because the scanning process may take time, it’s a good idea to run it in a screen session to avoid interruption if your connection drops. Start a new screen session:
screen
Next, run the AI-BOLIT scanner by specifying the path to your website’s document root:
php ai-bolit.php --path=/home/<username>/domains/<domain>/public_html
Step 5: Viewing the Scan Report
Once the scan is complete, the AI-BOLIT report will be generated and saved in your public_html directory. You can view the report by accessing it via a web browser or through the command line.
To save the report locally via the browser, open it and press CTRL + S.
Step 6: Cleaning Up
After reviewing the scan results, it’s important to remove the AI-BOLIT files and the scan report from the server for security reasons.
To remove the AI-BOLIT scanner files and reports, use the following command:
rm -rf /home/<username>/domains/<domain>/public_html/ai-bolit*
Conclusion
By following this guide, you’ve successfully scanned your website for vulnerabilities using AI-BOLIT. Make sure to run periodic scans to keep your site safe and secure, and remember to clean up the scanner files once your scan is complete to maintain server security.
Article posted on 6 January 2021 by Louis