php - About Removing Malware Scripts

Question

I am working on a php website and it gets regularly infected by Malware. I've gone through all the security steps but failed. But I know how it every time infect my code. It comes at the starting of my php index file as following.

<script>.....</script><?

Can anybody please help me how can I remove the starting block code of every index file at my server folders? I will use a cron for this.

I already gone through regex question for removal of javascript malware but did not found what I want.

Answer 1

You should change FTP password to your website, and also make sure that there are no programs running in background that open TCP connections on your server enabling some remote dude to change your site files. If you are on Linux, check the running processes and kill/delete all that is suspicious.

You can also make all server files ReadOnly with ROOT...

Anyhow, trojan/malware/unautorized ftp access is to blame, not JavaScript.

Also, this is more a SuperUser question...