durangod

Well-Known Member
May 12, 2012
452
28
78
cPanel Access Level
Website Owner
Hi, if a site on shared hosting with cpanel installed allows users to upload zip files via a site form, is there anything that cpanel has that can scan those files as they are uploaded to the server?

These sites dont have root access so they cant install anything, it needs to be something readily available off the menu.

What can be done to secure these zip files to prevent viruses and such from being uploaded via zip files?

Thanks :)
 

fuzzylogic

Well-Known Member
Nov 8, 2014
136
78
28
cPanel Access Level
Root Administrator
ConfigServer eXploit Scanner does that, but it is a paid cPanel plugin.

From the cxs Documentation...
cxs Watch Daemon
This is an alternative to ftp and web script upload scanning. The cxs Watch daemon uses a separate process to constantly watch entire user accounts for new and modified files and scans them immediately. The scanning children use up significantly fewer resources than the ftp and web script upload scanning methods.
The default options for cxswatch are options=mMOLfuSGchexdnwZRrD
Z stands for scan compressed files.

Additionally, cxs can provide a Modsecurity rule which pipes all http uploads to cxs for scanning before the http request is allowed to complete. The http request is blocked by Modsecurity if cxs gets a match.

So in your case I would expect both methods to detect almost in real time a compressed exploit known to clamav.

Sorry I just reread your post and you wanted something that a regular cPanel account user can access. My suggestions only apply to a server administrator with root access.
 
Last edited:
  • Like
Reactions: cPanelMichael

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,233
363
cPanel Access Level
DataCenter Provider
Twitter