Hackers or script kiddies often end up defacing and hijacking your website. They can do this because you are not looking! Or not loking hard enough.
An antimalware/antivirus scan for linux would be a good thing as it would allow you to scan files on your server on a periodic basis(using cronjobs). Mostly backdoors are uploaded using upload forms that are made available for genuine users to upload stuff like pictures, attachments and other content. These forms, if badly written, or if there is no check for execution of code in the webroot can pretty much wipe out the server. So you need to be proactive and check your files as often as possible and clean them before things get out of hand.
Clamav is a good antivirus/malware scanner. Set it up to do your file watch job. Here’s the process to get it going on dreamhost.
- svn co http://svn.clamav.net/svn/clamav-devel/trunk/
- ./configure --prefix=$HOME --user=yourusername --group=yourgroupname
- make & make install
- edit /home/yourusername/etc/freshclam.conf and comment out the 4the line as instructed
- edit /home/yourusername/etc/clamd.conf same edits as earlier for clamd
- run freshclam and then clamdscan $HOME to find any backdoor or virus payload on your website.
Contact us if you need asistance with reclaiming your hacked website/server as well as other linux server admin requirements