Submitted by yngens on Mon, 08/20/2018 - 08:13
Now that we've get clarified that Virtualmin's virus scanning feature is only for emails, I'd like to suggest a new feature or to extant the same feature to cover also file structure of virtual servers.
The feature already relies on ClamAV, which in turn can perfectly scan files and directories, so why to limit the future only for e-mails and why not also cover files?
Status:
Active
Comments
Submitted by andreychek on Mon, 08/20/2018 - 09:41 Comment #1
Howdy -- yeah I wish there was an awesome tool on Linux to handle that. In our experience, ClamAV hasn't been particularly adept at locating issues in files such as website malware.
We've seen a number of website infections, but ClamAV has largely been unable to detect them.
Some years ago, I've had luck using this tool here:
https://www.rfxn.com/projects/linux-malware-detect/
Back in the day, it detected quite a few variants of malware.
Alas, it's been several years since I've had success with it either, current variants of malware seem to evade that tool now.
For users who want to try using ClamAV for scanning files on their server anyhow, they can always add something like this into cron:
clamscan -r -i DIRECTORY
I'm not sure that we'd want to add a feature into Virtualmin that we wouldn't use ourselves, but we'll keep an eye out to see if maybe some tool out there has gotten better at detecting website malware.
Submitted by Jfro on Mon, 08/20/2018 - 10:23 Comment #2
If using clamav as base then > To run ISPProtect ( paid version) automatically as a nightly cronjob, create a cron file with nano:
https://www.howtoforge.com/tutorial/how-to-scan-linux-for-malware-and-ro...
free former rkhunter https://cisofy.com/downloads/lynis/