Recently, one of my server’s IP is listed in Spamhaus DBL, due to some malware present in the server. So as it is a test server I don’t much worried about that, but still interested to get some knowledge that how to deal with these type of threats?
Also, opensource projects like Rkhunter, ClamAV, is it capable enough to detect the malware?
And lastly, how this malware is present in the server, what should I do to avoid it?
Thanks in advance.
It’s pretty common to see that new IP being listed at Spamhaus. Especially, I have noticed for DO. If you feel server is infected, switch to whole new setup.
Thanks got it. I’m using run cloud, and bunnyshell, as well, so to instance update should be reflected to the dashboard or I need to login to the server, and then run commands?
And lastly, if we do any kind of update and upgrade is there a chance of VPS collapsed? or should I create a Cloudsnap for safe?
Thanks again.
Does it handle automatic updates?
Yes, it’s important.
Does it handle automatic updates?
In bunny shell there an option of auto-patching and manual patching looks like this:
But when I logged into the server via SSH, there are 11 patches available shows, but in Bunnyshell there’s few.
So little bit confused.
Yes, it’s important.
What you prefer, Snapshot or Droplet Backup which DO offer?
Thanks again,
You can apply update after taking backup however you like. Both looks same.
Short term: Snapshot
Long term: Automatic backup
ah, understood, thanks, the last query, Snapshot cannot be replayed in the existing server right, need to deploy on a new virtual machine?
And for backup, it can be deployed on the same server?
are my thoughts in the right direction?
Both ways possible. You can either restore at existing or new.
Let me know if you have any more queries.
Thanks much!
Always happy to help 
