cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add 'Scan all user accounts' option to malware scanner menu

Browse Source 
New Feature: Quick scan option for all user directories

Added new menu option #2: "Scan all user accounts (all user home directories)"
This provides a fast way to scan all user content without scanning the
entire system (which includes /usr, /opt, /var system directories).

Menu Structure (Updated):
  1. Scan entire server (full system - all directories)
  2. Scan all user accounts (all user home directories) ← NEW
  3. Scan specific user account
  4. Scan specific domain
  5. Scan custom path
  6. Check scan status
  7. View scan results
  8. Delete scan sessions
  9. Install all scanners
  10. Scanner settings

Implementation:
- Detects control panel and scans appropriate user base directory:
  - cPanel/InterWorx/Standalone: /home
  - Plesk: /var/www/vhosts
- All scanners (ImunifyAV, ClamAV, Maldet, RKHunter) scan the user base
- Faster than full system scan, focuses on user-uploaded content
- Ideal for quick malware checks on hosting servers

Use Cases:
- Quick daily/weekly scans of user content only
- After suspicious activity on user accounts
- Routine security audits of hosted sites
- Pre/post migration security checks

User Request:
"can you add an option to scan for all user folders? I assume since
we track when the server management script launches which control
panel is running and then track where the users and the folders are
we should be able to fix in the root folder we need to scan."

Changes:
- Updated show_scan_menu() to add option 2 and renumber subsequent options
- Updated launch_standalone_scanner_menu() to handle "all_users" preset
- Added case 2 to detect control panel and set appropriate user base path
- Renumbered existing cases 2→3 (user), 3→4 (domain), 4→5 (custom)

Result:
Users can now quickly scan all user accounts with one click!
This commit is contained in:
cschantz
2025-12-22 22:27:30 -05:00
parent 0751cc67c9
commit 949ffb9d05
1 changed files with 52 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/security/malware-scanner.sh
+52 -21
View File
@@ -1644,9 +1644,10 @@ launch_standalone_scanner_menu() {
if [ -n "$preset_scope" ]; then if [ -n "$preset_scope" ]; then
case "$preset_scope" in case "$preset_scope" in
server) scope_choice=1 ;; server) scope_choice=1 ;;
user) scope_choice=2 ;; all_users) scope_choice=2 ;;
domain) scope_choice=3 ;; user) scope_choice=3 ;;
custom) scope_choice=4 ;; domain) scope_choice=4 ;;
custom) scope_choice=5 ;;
*) scope_choice=0 ;; *) scope_choice=0 ;;
esac esac
else else
@@ -1688,6 +1689,34 @@ launch_standalone_scanner_menu() {
;; ;;
2) 2)
# All user accounts
echo ""
echo "Scanning all user home directories..."
# Determine user base directory based on control panel
local user_base_dir
case "$CONTROL_PANEL" in
plesk)
user_base_dir="/var/www/vhosts"
;;
cpanel|interworx|standalone)
user_base_dir="/home"
;;
*)
user_base_dir="/home"
;;
esac
# Add the user base directory to scan paths
scan_paths=("$user_base_dir")
scan_description="all user accounts in $user_base_dir"
echo "Control Panel: ${CONTROL_PANEL^}"
echo "User directory: $user_base_dir"
echo "Scan scope: All user home directories"
;;
3)
# Specific user # Specific user
echo "" echo ""
echo "Available users:" echo "Available users:"
@@ -1716,7 +1745,7 @@ launch_standalone_scanner_menu() {
echo "Found ${#scan_paths[@]} docroots for $SELECTED_USER" echo "Found ${#scan_paths[@]} docroots for $SELECTED_USER"
;; ;;
3) 4)
# Specific domain # Specific domain
echo "" echo ""
read -p "Enter domain name: " domain read -p "Enter domain name: " domain
@@ -1744,7 +1773,7 @@ launch_standalone_scanner_menu() {
echo "Found docroot: ${scan_paths[0]}" echo "Found docroot: ${scan_paths[0]}"
;; ;;
4) 5)
# Custom path # Custom path
echo "" echo ""
read -p "Enter path to scan: " custom_path read -p "Enter path to scan: " custom_path
@@ -1989,18 +2018,19 @@ show_scan_menu() {
echo -e "${CYAN}Create New Scan:${NC}" echo -e "${CYAN}Create New Scan:${NC}"
echo " 1. Scan entire server (full system - all directories)" echo " 1. Scan entire server (full system - all directories)"
echo " 2. Scan specific user account" echo " 2. Scan all user accounts (all user home directories)"
echo " 3. Scan specific domain" echo " 3. Scan specific user account"
echo " 4. Scan custom path" echo " 4. Scan specific domain"
echo " 5. Scan custom path"
echo "" echo ""
echo -e "${CYAN}Monitor & Manage:${NC}" echo -e "${CYAN}Monitor & Manage:${NC}"
echo " 5. Check scan status" echo " 6. Check scan status"
echo " 6. View scan results" echo " 7. View scan results"
echo " 7. Delete scan sessions" echo " 8. Delete scan sessions"
echo "" echo ""
echo -e "${CYAN}Configuration:${NC}" echo -e "${CYAN}Configuration:${NC}"
echo " 8. Install all scanners" echo " 9. Install all scanners"
echo " 9. Scanner settings" echo " 10. Scanner settings"
echo "" echo ""
echo -e " ${RED}0.${NC} Back" echo -e " ${RED}0.${NC} Back"
echo "" echo ""
@@ -2009,14 +2039,15 @@ show_scan_menu() {
case $choice in case $choice in
1) launch_standalone_scanner_menu "server" ;; 1) launch_standalone_scanner_menu "server" ;;
2) launch_standalone_scanner_menu "user" ;; 2) launch_standalone_scanner_menu "all_users" ;;
3) launch_standalone_scanner_menu "domain" ;; 3) launch_standalone_scanner_menu "user" ;;
4) launch_standalone_scanner_menu "custom" ;; 4) launch_standalone_scanner_menu "domain" ;;
5) check_standalone_status ;; 5) launch_standalone_scanner_menu "custom" ;;
6) view_scan_results ;; 6) check_standalone_status ;;
7) delete_standalone_sessions ;; 7) view_scan_results ;;
8) install_all_scanners ;; 8) delete_standalone_sessions ;;
9) scanner_settings ;; 9) install_all_scanners ;;
10) scanner_settings ;;
0) return 0 ;; 0) return 0 ;;
*) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;;
esac esac