I'm a web designer, and one of my clients got an email from their host, Godaddy, saying a potentially malicious file was found and needs to be removed, then gave the name of the file. However, the host did not say which directory it was in. Since it may be malicious I'd rather not download the website and search it. What is the best way to search for this? Is there a way to do it without logging in to the directory? Thank you for any suggestions.
Just write a one-shot script that will search for the file by name, given the credentials. It shouldn't take too much time.
If you have ssh access, you and mlocate is installed, you can simply run... #locate filename.txt If not, and you do not want to install mlocate, you can perform a find command. We use / to search the entire server, and it may take a while, but will return all results. #find / -name filename.txt If there are too many results, for whatever reason, you can also store the results in a file and parse it after #find / -name filename.txt > find.output and then use any editor to view the results #nano find.output As a last resort, if you do not have SSH access, but have FTP access, you can use filezilla, and the magnifying glass tool to search, and that will look through all directories and locate files for you. This is very slow, but works.