carlynorama


Using find to delete malware on a server

by Carlyn Maw on February 15, 2014

My host (dreamhost.com) let me know that it had found some malicious files on the various websites I host. Malware can get snuck onto a site like a cuckoo's egg, using up resources and decreasing the reputation of domain names in spam filters and search results. I'm still working on properly fixing everything, but some of my older sites were ancient HTML sites with no CGI of any kind that shouldn't have had updates since 2004 or 2006. Anything with a more recent modification date could easily be marked as garbage.

With shell access there are some commands that can help remove the too-new files. This will also work on Linux and MacOS computers. One caveat: a modification time is ordinary file metadata and can be set to any value with touch, so an old-looking timestamp is not proof that a file is clean. The date filter narrows the list you have to look at; it does not replace looking at it, and rm is not undoable, so read the list before running the second command.


# (find) in this directory (.) items of (-type) file (f) whose last modification (-mtime) was less than 365 days ago (-365)
# redirect the result into a file called newfiles.txt
find . -type f -mtime -365 > newfiles.txt
# look at newfiles.txt
cat newfiles.txt
# if everything listed is a malicious file,
# run the find again, but instead of writing to a file
# run the remove command (rm) as a subprocess (-exec) on each result ({})
# and terminate the -exec command with a semicolon, escaped as \; so the shell
# passes it to find instead of treating it as a command separator
find . -type f -mtime -365 -exec rm {} \;
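The three steps above (list, review, delete), rehearsed on a throwaway directory tree, as an added example that is not part of the original post. It assumes a POSIX sh with find, touch, mktemp, sort and wc; the fixture tree, its file contents and its timestamps are constructed for the demo. One file is deliberately back-dated with touch to show why a modification-time filter narrows the list but does not prove a file is clean.

```shell
#!/bin/sh
# Added example, not from the original post: rehearse the find/review/delete
# procedure on a throwaway directory tree before pointing it at a real site.
# Assumptions: a POSIX sh with find, touch, mktemp, sort and wc; the fixture
# files and their timestamps below are constructed for the demo.
set -u

# Build a fake web root: two "ancient" static files, two recent files (one in
# a directory with a space in its name), and one recent file whose mtime was
# deliberately back-dated the way a dropper can with touch(1).
make_fixture() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/old" "$root/new/dir with space"
    printf '<html>hello</html>\n' > "$root/old/index.html"
    printf 'body{}\n' > "$root/old/style.css"
    printf '<?php /* dropped by attacker */ ?>\n' > "$root/new/evil.php"
    printf 'spam list\n' > "$root/new/dir with space/payload.txt"
    printf '<?php /* dropped by attacker */ ?>\n' > "$root/backdated.php"
    # touch -t works on both GNU and BSD/macOS (format: [CC]YYMMDDhhmm)
    touch -t 200601010000 "$root/old/index.html"
    touch -t 200401010000 "$root/old/style.css"
    touch -t 200501010000 "$root/backdated.php"   # forged "old" timestamp
    printf '%s\n' "$root"
}

# Step 1: list regular files modified within the last N days; this is the
# post's "find . -type f -mtime -365 > newfiles.txt" without the redirect.
list_recent() {   # $1 = directory, $2 = days
    find "$1" -type f -mtime "-$2" | sort
}

# How many such files: what you review in newfiles.txt before deleting.
count_recent() {
    list_recent "$1" "$2" | wc -l | tr -d ' '
}

# Step 2: delete them. "-exec rm {} +" hands many paths to one rm and, like
# the post's "\;" form, is safe for names with spaces (unlike bare xargs).
delete_recent() {
    find "$1" -type f -mtime "-$2" -exec rm -f -- {} +
}

# Count of every regular file, recent or not, to show what survived.
count_all() {
    find "$1" -type f | wc -l | tr -d ' '
}

demo() {
    root=$(make_fixture)
    echo "--- files newer than 365 days (review this list first) ---"
    list_recent "$root" 365
    delete_recent "$root" 365
    echo "--- what is left ---"
    find "$root" -type f | sort
    # backdated.php survives: a forged mtime defeats the age filter, so pair
    # the date filter with a content check (grep for suspicious PHP, diff
    # against a known-good copy) rather than trusting timestamps alone.
    rm -rf "$root"
}

demo
```

list_recent is the post's first find and delete_recent the second, with -exec rm {} + in place of \; so that rm receives many paths per invocation. The file back-dated with touch survives the deletion; that is the case a timestamp-only sweep misses and the reason to pair it with a content check or a comparison against a known-good copy of the site.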

To learn more, Indiana University has a find command tutorial, and Wayne Pollock's A Unix/Linux "find" Command Tutorial covers exec and other features in more depth.

And for the ubernerds, a discussion of the difference between using exec and xargs for processing find results. (exec is more tolerant of funny file names and I was not deleting massive numbers of files…)