Edit file

File name : monitor-modsec

Content :#!/bin/bash file=$1 sigp='' for i in php.a2.ldb php.a2.ndb a2.hdb a2.ndb rfxn.ndb rfxn.hdb; do sigp="$sigp -d /usr/local/cpanel/3rdparty/share/clamav/$i " done result=`clamscan $sigp -i --no-summary "$file"|sed 's/\n//g'|cut -d: -f2` if [ -n "$result" ];then #echo "Result $result" >> /tmp/465 if [[ "$result" =~ "base64" ]];then sed -i -e 's/<?.*eval(base64_decode(.*?>//' -e 's/<?php.*eval(base64_decode(.*?>//' -e 's/eval(base64_decode([^;]*;//' $file sed -i -e 's/<?.*eval(gzinflate(base64_decode(.*?>//' -e 's/<?php.*eval(gzinflate(base64_decode(.*?>//' -e 's/eval(gzinflate(base64_decode(.*);//' $file echo "1 A2Scan: OK" exit else curl -k -F supersecretkey=fanfulrofiajwearEmAb -F "privmsg=`hostname` WEB:$result $HTTP_HOST FILE:$SCRIPT_FILENAME SCRIPT:$SCRIPT_NAME IP:$REMOTE_ADDR" -F 'name=#hacks' http://nag.a2hosting.com/nagbot.php echo "0 A2Scan: $result" exit fi fi echo "1 A2Scan: OK"

Save