The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ClamAV question

Discussion in 'Security' started by ozzieonline, Dec 23, 2012.

  1. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Hello,

    I installed ClamAV in WHM. Is this enough to keep me protected? I'm not sure if the program runs automatically, or if I have to start each scan manually from cPanel? Can someone please clarify?

    Many thanks in advance.
     
  2. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    If you install ClamAV in WHM, it just sits there and does nothing unless you specifically tell it to scan something -- or unless you set up a cron job or something to do periodic scans. It does not monitor uploads via web/ftp in realtime all by itself. If you want that capability you'd want something like the ConfigServer eXploit Scanner (CXS).

    If installed, ClamAV will scan incoming email. If you want it to automatically scan outbound mail / mail from authenticated senders, you'll have to enable that in WHM --> Exim Configuration Manager --> Security.

    m
     
  3. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thanks for your reply mtindor. Really appreciate it!

    My VPS is quite small and has only 512MB. When I use Putty to see the active processes I notice that clamd uses 27,3% of the available memory! And now I understand it doesn't even do anything? That's pretty strange actually :(

    I want to host websites for other people on my VPS by using add-on domains. I have only 1 cPanel account and I will be the only one with FTP access. Also I disabled anonymous FTP.

    Which of these options should I check then when I configurate ClamAv in WHM?

    Scan Entire Home Directory
    Scan Mail
    Scan Public FTP Space
    Scan Public Web Space

    I think I can uncheck "Scan Public FTP Space" becuase I don't use anonymous FTP. Is that correct? And how about "Scan Public Web Space". I'm not exactly sure what that means.

    "If installed, ClamAV will scan incoming email."
    Incoming e-mail will be scanned automatically? Without a cron job or something?

    "If you want it to automatically scan outbound mail / mail from authenticated senders, you'll have to enable that in WHM --> Exim Configuration Manager --> Security."
    Thanks for the tip. I see 2 options concerning ClamAV:
    1) Scan messages for malware from authenticated senders (exiscan).
    2) Scan outgoing messages for malware
    Which option is the one you're referring to?

    Is there maybe another free antivirus program that is always active and doesn't require cronjobs? And which doesn't consume this much memory?
     
  4. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    It's active by default for two reasons:

    1. So the facility in WHM can be used if you want to scan anything
    2. So that the virus filtering for incoming email works by default

    I can't advise. I use CXS (from configserver.com, not a free product) rather than the facility built into WHM.

    Correct.

    Both of them. On some servers I dont even bother to check those. I'm not concerned about users sending out viruses -- I'm concerned about them receiving viruses from external sources.

    I have no answer for this one.

    M
     
  5. ozzieonline

    ozzieonline Well-Known Member

    Joined:
    Dec 20, 2012
    Messages:
    126
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thanks for your reply. Appreciate it!

    More advice is still welcome...
     
Loading...

Share This Page