Add ClamAV as module in Plesk to protect better the server. Thank you Parallels Team.
Is easy to use.
Plesk currently offers two high-quality anti-viruses and other related services like WAF. Integrating another anti-virus solution is an expensive undertaking, so we’d like you to let us know which ClamAV features are missing in anti-viruses and services already available in Plesk. This will help us properly evaluate and prioritize this request.
How can we get the falsely blocked emails from the Dr.Web infected directory into our Clients mailboxes?!
With OS can install ClamAV with yum or apt-get.
Better is use Maldet - https://www.rfxn.com/projects/linux-malware-detect/ & extra signatures to better detect malware from PHP files:
Also mod_clamav to ProFTPd that can scan FTP uploaded files with Malware:
As for me, adding a clamav milter wasn't complicated - just install clamp-milter for systemd, configure it and add its socket to /etc/postfix/main.cf - and it works!
It would be great if Plesk would do these steps for you :)
Well, let`s talk about Ukraine customers. Kaspersky and Dr.Web is under sanctions in here, so what alternatives to them Plesk team can provide? ;)
Or maybe we need alternative to Plesk itself? CPanel for example? ;)
Moodle needs ClamAV integration, please support it, thaks!
Alexander Marinov commented
@nikamuro and the rest of the Pizza guys. This comparison is ridiculously narrow-minded. Let put aside that in my end of the world a pizza costs $7-ish and there are even cheaper places on the globe.
It's narrow-minded because you *assume* one Plesk ... perhaps installed on *the* server (the one and only!). If so please read my statement again and this time carefully:
"you are overestimating the value of Plesk if you think that the cost of a Plesk+Paid AV combo is worthy for a VPS installation."
Hopefully this time you spotted the VPS thing at the end?
So if you'd like to run a hosting environment in a late 90's style, with hundreds if not thousands of users on the same instance perhaps it's not a big deal. I may personally find it outdated, unsecure and hard for ensuring reliability to each and every account hosted there, but hey, it's my opinion! I won't go the route to force it to you. Please be kind enough not forcing me to discuss your pizza stuff as well.
Let me elaborate a bit on why I do consider ClamAV mandatory and why the offered alternatives are really expensive using digits and not ... totally unrelated things.
In my experience large organizations usually go for either 3rd party hosted service or a specialized one (i.e. I've seen Zimbra used in the wild but yet to see self-hosted Plesk for the sake of corporate email).
Smaller ones tend to stick to more generic solutions as using a shared hosting provider. In my own version of the Matrix the need for Plesk usually emerges once an SMB starts outgrowing shared hosting's limits and start thinking for migration to a VPS. Let's assume that regardless of the needs the precise price of that VPS (or dedicated for that matter) is irrelevant - lets call it X - and try to calculate the extra spendings necessary.
One of the first requests will usually be the need of business email which nowadays requires scanning as crypto-viruses can be devastating.
- Plesk offer is to either buy Kaspersky for €359.88 annually (EURO guys!, not USD) which as of today gives $426.86/annually. This does not include any maintenance/support work necessary
- Hosted email goes $2-$5 per user monthly. As this is a 3rd party service so it won't have maintenance/support costs.
Math says that GSuite is cheaper for up to 7 users, and e.g. Zoho is cheaper for up to 14 users. And this only considers price parity, not feature parity! I'm afraid that GSuite vs Plesk as email solution is a lost cause under those conditions. In my experience people are more likely to trust (and hence pay) Google/Zoho rather than an unknown solution. I'd personaly bet on $5 that one is more likely to convince people to spend 2x on GSuite that on AV for Plesk.
Now let's shortly discuss the point where I can actually integrate ClamAV myself. Or why I rather won't:
- Integrating things in a product which development cycle you don't control is extremely risky. At any point an upgrade can break something.
- The effort of doing this properly is comparable to that of writing (or adopting) a provisioning recipe to deploy a mail server + Roundcube
- I won't have any ot the cumbersome restrictions that I need to fight in Plesk (custom SSL cert for IMAP (unless they fixed it)? HSTS? 2FA? Good lucck on the last one in Plesk)
- It will operate in it's own environment hence the reliability won't depend on Plesk's (but rather on your skills to set it properly)
So with that in mind I'd personally rather use 3rd party or custom bult setup. It does involve some effort yes, but my experience so far with Plesk is hardly flawless as well.
- Had to reinstall and convert to cloudlinux as Plesk's Cgroups were buggy - 500% CPU limit would have still translated into one core (it seems they fixed this later on)
- Had to write a custom script to synchronize the Secondary DNS as the plugin suddenly became buggy and stopped doing that (I'm not kidding at all: https://pastebin.com/YYGnXiqg, also was fixed at some point but in the day it costed me few hours to debug/workaround)
With that in mind any customization is a no-go for me and I would not recommend it to anyone else as well.
Well hopefully this is enough for my POV to become clear, not that it matters for me. I don't think anything will happen here (and in the "admin" name request as well) so took the effort to unsubscribe from notifications.
Wishing good luck to everyone regardless of your opinions on that particular topic.
@Alexander do you pay €29.99/month for a pizza??? The Clam Av it's free pizza!
Over years i use the kaspersky av solution - i dont think that a clamAV integration is a better choice.
Costs of the kaspersky AV is like to eat one pizza - let me repeat: ONE PIZZA - in a month! :-D
Who arent able to "invest" this, should not be able mainatain a serverystem - i think!
Alexander Marinov commented
I don't know why we still comment on this. It should be obvious by now that this "feature" was chosen for monetization if one wants to feel more secure :)
So dear plesk team, yes we can integrate ClamAV on our own but then what is the benefit to pay for a "solution" if this requires additional effort to steup and *maintain*?!
If I'd like to go that route then I'd rather go fully self-managed than start hacking trough an encrypted 3rd party software. Thanks, but no thanks.
And IMO you are overestimating the value of Plesk if you think that the cost of a Plesk+Paid AV combo is worthy for a VPS installation.
You seem not audited the loss you are making, peoples have deserted Plesk for cpanel merely for you not integrating ClamAV or any other FREE AV support. This is a genuine request, this request is so old that in that period I know even Plesk is capable of developing there own FREE AV merely not just able to integrate.
Given the latest massive license fee increase for Plesk (reseller) licenses it would have been a miracle if Plesk dedicated time and money into establishing ClamAV as an additional option for mail scanning.
Seems like they only care about maximizing their profit...
Hi, we are updating status when there is some new information or status update from our end. Status updates are not frequent, but always meaningful.
Unfortunately we cannot report to you any major change as of now:
- this request is in remaining top5 (after higher priorities were delivered) and we fully recognize its priority for our customers
- for quite a while we were seeing ClamAV as an alternative to already provided Dr.Web and Kaspersky antiviruses and honestly we considered that 2 available options should be already enough, while there were many other requests to work on. Especially given relatively easy manual integration of ClamAV by a server admin (guidelines are available online)
- thanks to later posts of ClamAV supporters we re-evaluated ClamAV as a file scanner for web files, rather than for email. And in this context it definitely deserves more attention
As of now we have a bunch of tasks assigned for the next release, but once we deliver the next version, we will seriously consider this item. Should there be any update on actual status, we will post it here
We are thankful for everyones' votes and involvement
Ronald van Helden commented
Can one of the staff members please reply and update the previous response or add a new response with the current state?
Would be nice to be hearing something from you, as you are the ones who created the forum...
It doesn't make sense for us to create feature suggestions if it takes you more than 1,5 years to respond.
come on this is the biggest asked suggestion we are going to be in 2018 ... and still without FREE anti-viruses. How about thinking about making the internet a better place for all of us.
Having a FREE anti-viruses on Plesk would get you more users. i for one switched for Cpanel on 3 of my servers as of Plesk not having basic free anti-viruses.
Another alternative would be Sophos free Antivirus for Linux https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-linux.aspx
4 Years ago, shame on you :/
It's 2017 and I just provisioned a Plesk VPS w/out anti-virus. Why? Because there's no built in AV enabled by default. How is this even possible? How hard/expensive could it be to make clamav built in by default while the dev staff undertakes massive projects such as wordpress toolkit [which is very awesome I admit]. ClamAV integration and default enabling would be tiny by comparison.
Why don´t you integrate ClamAV? I totally agree with all others. You should integrate it soon. @Thorsten, @anonymous @B_P
Since common tutorials already exist that show how to integrate ClamAV into a setup with Postfix, it is not really clear what should be that cost expensive to integrate it. The only reason could be that less customers will buy Dr. Web or Kaspersky as an add-on...
As indicated by @Thorsten, I totally agree that this should be included.
@anonymous "I can understand that Plesk only wants to add supported 3rd party software for this reason." I did't see neither this statement, nor any other statement from Plesk yet (after 1.5 years). The is a need for a free (maybe not perfect) standard solution; better not perfect than no protection. I think Plesk wants to sell 3rd party licenses which are more expensive than Plesk itself and didn't care about internet security by providing no default solution at all ... saying that, running servers with Plesk weakens safety of users and the Internet.
Sure, ClamAV is not enough: but ClamAV, a milter configuration, Spamassasin, rkhunter, firewall rules, regular updates, and maybe other hardening tools. I understand Plesk as a frontend for configuration Linux / Windows systems, to simplify administration. If you say that I can do it manually, for sure, why I should use Plesk then at all?
There are pros/cons as in every decision regarding adding features or not.
Yes it would be nice to have ClamAv supported. This would allow a lowcost security solution. The issue i see here is that ClamAv alone is not enough, but users would expect this to be a full protection solution (thats what ClamAv is not without manual adjustments). I can understand that Plesk only wants to add supported 3rd party software for this reason.
For those who do want to use ClamAV it can be integrated within a few minutes by just installing a system package and adjusting plain text config files.