Blog Sign Up Login
Get Protected
Antivirus
Free Scan
Website Security
Security Services
Extensions
Web Development
Contacts
Get Protected
Server Scanner

MalSSH Antivirus Scanner Installation & Documentation

MalSSH is a powerful server-level antivirus scanner from SiteGuarding that runs directly via SSH terminal, WHM/cPanel, or Plesk hosting panel. It performs deep file scanning on your server to detect malware, backdoors, trojans, webshells, and other security threats — providing enterprise-grade protection for your hosting environment.

Table of Contents

1

MalSSH Account Registration

Before you can use MalSSH, you need to create a SiteGuarding account specifically for server scanner tools. This process takes just a few minutes and gives you access to license management, downloads, and scan reports.

Step 1. Create Your Account

Go to the account registration page https://www.siteguarding.com/en/signup/server and create your account for server scanner tools. Fill in your email address and choose a secure password.

Step 2. Add a License

Once logged in, click the ADD LICENSE button to generate a license for your server. Each license is tied to a specific server, so if you manage multiple servers, you will need to create a separate license for each one.

Step 3. Download the Scanner

Click the Download button to get the MalSSH module for your preferred platform: terminal version (command line), WHM/cPanel, or Plesk hosting panel.

MalSSH Add License - SiteGuarding Account Dashboard

Tip: Your license key is unique to each server. Make sure to keep it safe — you will need it during the installation process. If you manage multiple servers as part of your enterprise website security infrastructure, create a separate license for each one.

2

Download MalSSH Antivirus Scanner

Step 1. Log In to Your Account

Log in to your account at https://www.siteguarding.com/en/login. If you don't have an account yet, go to the account registration page at https://www.siteguarding.com/en/signup/server and create your account for server scanner tools.

Step 2. Download the Scanner

In your account, you will find the list of available licenses. Click the Download button next to the license you want to use. For WHM/cPanel, you can also use this direct download link.

Step 3. Select Your Server Platform

Depending on your server panel, select the version you need to download. MalSSH is available for the following platforms:

Terminal (Command Line) WHM / cPanel Plesk Panel
MalSSH Download Page - Select Scanner Version
3

Documentation for MalSSH (Terminal Version)

The terminal version of MalSSH is a command-line scanner that works on any Linux server with SSH access. It doesn't require a hosting control panel — just upload it, set permissions, and run scans directly from your terminal. This makes it ideal for VPS, dedicated servers, and custom hosting environments that require advanced web protection.

Installation Steps

Step 1. Download the Terminal version of MalSSH scanner. (See the Download MalSSH antivirus scanner section above for instructions.)

Step 2. Upload MalSSH scanner to your server, for example to /etc/init.d/.

Step 3. Add execute permission:

Terminal
$ chmod u+x /etc/init.d/malssh

Help Page

To see all available options and usage information, run the help command:

Terminal — Help
$ /etc/init.d/malssh --help

Available Commands

MalSSH supports a range of commands for scanning, reporting, and managing your server's security. Below are the primary commands:

Terminal — Available Commands
# Scan a specific directory
$ /etc/init.d/malssh --scan /home/user/public_html/

# Scan the entire server
$ /etc/init.d/malssh --scan-all

# Update antivirus signatures
$ /etc/init.d/malssh --update

# Show scan report
$ /etc/init.d/malssh --report

# Show version and license info
$ /etc/init.d/malssh --version

Usage Samples

Here are some common usage examples to help you get started with MalSSH scanning:

Terminal — Samples
# Scan WordPress website directory
$ /etc/init.d/malssh --scan /home/mysite/public_html/

# Scan only PHP files for malware
$ /etc/init.d/malssh --scan /var/www/html/ --ext php

# Update signatures and run a full scan
$ /etc/init.d/malssh --update && /etc/init.d/malssh --scan-all

Important: MalSSH requires root or sudo access to perform full server scans. Always run --update before scanning to ensure you have the latest malware signatures. For the most up-to-date list of commands, run --help after installation.

4

Documentation for MalSSH (WHM/cPanel)

For servers running WHM/cPanel, MalSSH provides a dedicated version with a graphical interface integrated into your hosting panel. The WHM/cPanel version offers the same powerful scanning engine as the terminal version but with an easy-to-use web-based interface — perfect for hosting providers and server administrators who prefer a visual approach to security monitoring.

Please see the complete PDF documentation with step-by-step installation and usage instructions:

Download MalSSH WHM/cPanel User Guide (PDF)

Tip: The WHM/cPanel version can also be downloaded directly using this link: malssh_scanner.zip. Upload it through your WHM panel and follow the PDF guide for complete setup instructions.

Key Features of MalSSH Scanner

A professional server-level antivirus scanner built for hosting providers, system administrators, and businesses.

Server-Level Scanning

Scans files directly on the server via SSH — no browser, no CMS plugins needed. Detects threats at the filesystem level, including files hidden from web-based scanners.

Heuristic Detection

Uses SiteGuarding's proprietary heuristic engine to detect zero-day malware, obfuscated code, backdoors, webshells, and advanced threats that signature-based scanners miss.

Multi-Platform Support

Works on any Linux server via command line, integrates with WHM/cPanel and Plesk — giving you flexibility regardless of your hosting environment.

Frequently Asked Questions

Common questions about MalSSH antivirus scanner installation and usage.

What operating systems does MalSSH support?

MalSSH runs on all major Linux distributions including CentOS, Ubuntu, Debian, AlmaLinux, Rocky Linux, CloudLinux, and others. It requires SSH access (command-line access) to the server. For servers with WHM/cPanel or Plesk, dedicated panel-integrated versions are available.

Do I need root access to use MalSSH?

For full server scanning, root or sudo access is recommended. This ensures MalSSH can access all files and directories on the server. If you only have user-level access, you can still scan your own website directories, but some system-level files may not be accessible.

How often should I run MalSSH scans?

We recommend running scans at least once daily for active websites. You can automate this by setting up a cron job that runs MalSSH at a scheduled time. Always run --update before scanning to ensure you have the latest malware signatures. For enterprise website security, consider combining MalSSH with our continuous monitoring service.

Can I use MalSSH to scan multiple websites on the same server?

Yes. MalSSH can scan individual directories or the entire server. Use the --scan command with specific paths to scan individual websites, or use --scan-all to scan everything. One license covers one server, regardless of how many websites are hosted on it.

What should I do if MalSSH finds malware?

If MalSSH detects malicious files, review the scan report carefully. For straightforward cases (known malware files), you can remove them manually. For complex infections involving injected code in legitimate files, we strongly recommend contacting SiteGuarding's professional malware removal team. Incorrect removal can break your website.

Related Antivirus Products

Web Antivirus Standalone Antivirus WHM/cPanel Antivirus WordPress Antivirus Malware Removal Service Website Protection

Need Help Installing MalSSH Scanner?

Our security team can install and configure MalSSH on your server, set up automated scanning schedules, and help you interpret scan results.

Need Help? Create Account
Trusted Since 2008
SSH & CLI Support
24/7 Support
Heuristic Engine
Live Chat Support
Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience. See our policy Accept