As I sipped my first coffee of the day, I received a phone call from a web visitor at work. "You're web site just gave me a virus." was the blunt query. I chuckled, fired up our homepage and began to explain the best way of removing such infestations.
Then suddenly I realised he was right - my screen was completely littered in Javascript errors, warning dialogs and everything except the real web site. I pulled the site down and took a closer look.
A lot of our sites are hosted on shared web space, including this one. This means there could be hundreds of other users on the box, all running their own scripts, all at varying standards of security.
In this case, a vulnerability had been discovered on another site that was abused to infect web sites across the server. It appended some malicious code to HTML and PHP files, spreading rapidly to Windows end-users across hundreds of sites. Mine included.
Like any web master, I was furious such rubbish was strewn all over my site, and had to take a phone call from a disgruntled visitor to notice it. The answer? phpAntiVirus of course.
phpAntiVirus has been designed to protect web masters using shared hosting environments, by routinely scanning publically accessable web files. This involves:
The project was released open source in June 2005.