chkrootkit – Linux rootkit scanner
What it does : Find rootkits
Where to find it : in your distribution – or on chkrootkit.org
Option 1: ISPProtect – 90 euro / year but worth it.
Where to find it : ispprotect.com
Step #1: Get a licence
Step #2: Download and install and run
Then indicate your key number or trial if you want a trial version.
Indicate /var/www to start the scan on the web installs.
It will then generate reports as follow:
Step #3: The cron job
Option 2: Maldet – free which you can find atthis place