Suspicious File Alert - how to remove file

Post Reply
digitaliway
Junior Member
Posts: 2
Joined: 17 Nov 2017, 17:07

Suspicious File Alert - how to remove file

Post by digitaliway »

I get the below alert and I am used to getting these, but this one has been coming in 50 times a day for only one user/domain. How can i just remove this file or find out what is going on?

Time: Fri Nov 17 07:06:08 2017 -0500
File: /tmp/index.php
Reason: Script, file extension
Owner: usernamehere:usernamehere (1020:1022)
Action: No action taken
digitaliway
Junior Member
Posts: 2
Joined: 17 Nov 2017, 17:07

Re: Suspicious File Alert - how to remove file

Post by digitaliway »

I figured I would answer this myself since I found a solution and no one else replied.

SSH into your Linux server as root

#command to change to the temp directory
cd /tmp

#command to list the contents of the directory
ls

#command to remove the problem file which is in this case index.php
rm index.php

I can confirm that is has resolved my issue so maybe it will help others.
Post Reply