Add ClamAV as module in Plesk to protect better the server. Thank you Parallels Team.
Is easy to use.
Plesk currently offers two high-quality anti-viruses and other related services like WAF. Integrating another anti-virus solution is an expensive undertaking, so we’d like you to let us know which ClamAV features are missing in anti-viruses and services already available in Plesk. This will help us properly evaluate and prioritize this request.
4 Years ago, shame on you :/
It's 2017 and I just provisioned a Plesk VPS w/out anti-virus. Why? Because there's no built in AV enabled by default. How is this even possible? How hard/expensive could it be to make clamav built in by default while the dev staff undertakes massive projects such as wordpress toolkit [which is very awesome I admit]. ClamAV integration and default enabling would be tiny by comparison.
Why don´t you integrate ClamAV? I totally agree with all others. You should integrate it soon. @Thorsten, @anonymous @B_P
Since common tutorials already exist that show how to integrate ClamAV into a setup with Postfix, it is not really clear what should be that cost expensive to integrate it. The only reason could be that less customers will buy Dr. Web or Kaspersky as an add-on...
As indicated by @Thorsten, I totally agree that this should be included.
@anonymous "I can understand that Plesk only wants to add supported 3rd party software for this reason." I did't see neither this statement, nor any other statement from Plesk yet (after 1.5 years). The is a need for a free (maybe not perfect) standard solution; better not perfect than no protection. I think Plesk wants to sell 3rd party licenses which are more expensive than Plesk itself and didn't care about internet security by providing no default solution at all ... saying that, running servers with Plesk weakens safety of users and the Internet.
Sure, ClamAV is not enough: but ClamAV, a milter configuration, Spamassasin, rkhunter, firewall rules, regular updates, and maybe other hardening tools. I understand Plesk as a frontend for configuration Linux / Windows systems, to simplify administration. If you say that I can do it manually, for sure, why I should use Plesk then at all?
There are pros/cons as in every decision regarding adding features or not.
Yes it would be nice to have ClamAv supported. This would allow a lowcost security solution. The issue i see here is that ClamAv alone is not enough, but users would expect this to be a full protection solution (thats what ClamAv is not without manual adjustments). I can understand that Plesk only wants to add supported 3rd party software for this reason.
For those who do want to use ClamAV it can be integrated within a few minutes by just installing a system package and adjusting plain text config files.
"Integrating another anti-virus solution is an expensive undertaking, "
: Expensive undertaking means you sell less ridiculous expensive commercial third party antivirus licenses?
"... we’d like you to let us know which ClamAV features are missing in anti-viruses and services already available in Plesk."
: ClamAV IS missing... just add it as an option (a) install the related packages; (b) add the milter in Postfix. Level of Done: DONE
"This will help us properly evaluate and prioritize this request."
: Now, 1,5 years for evaluation, grooming/ planning, and prioritizing is more than enough... Conclusion?
Very BAD marketing...
Wenn ich anfangen muss an der Kommandozeile das System zu konfigurieren, welchen Zweck hat dann gleich noch Plesk? Hier geht es um eine Unterstützung durch Plesk - und da diese ja wie beschrieben relativ trivial ist, sollte die Umsetzung ebenso trivial sein. Fakt ist aber: Plesk will Drittanbieter-Software verkaufen, die teuerer als die Plesk-Lizenz selbst ist und startet hier unsinnige Umfragen, ignoriert sie dann aber und schweigt sich aus. Dass nenne ich User Centric Design und Kundenzufriedenheit. Oder das Plesk-Team hat Plesk einfach falsch konfiguriert und bekommt die Antworten dieses Threads gar nicht mit... ;)
If I'm forced to use the command line, which use case fulfills Plesk? Do I need it anymore? This thread is about supporting a (open source) Linux system standard (ClamAV + the related postfix milter); its simple to configure, so the integration into Plesk should be trivial. And hey, Plesk asked us, we answered and now they ignore us). Maybe they are not able to read their own uservoice by a misconfiguration of their Plesk instance...
Es geht doch ( das stammt von einer Centos 6 mit Plesk 17.0 ):
X-Virus-Checker: Scanned by SAV Dynamic Interface 2.5.0 3.68.0 2017-06-15 5.40 on genf132.server4you.de ( no virus );
Mon, 19 Jun 2017 09:12:43 +0200
Received-SPF: none (no valid SPF record)
X-Virus-Scanned: clamav-milter 0.99.2 at genf132.server4you.de
Received: from [192.168.78.101] ([18.104.22.168]) by mrelayeu.kundenserver.de
(mreue004 [22.214.171.124]) with ESMTPSA (Nemesis) id
0MUjkW-1dJQWx3WXM-00YEAK for <email@example.com>; Mon, 19 Jun 2017
Wer es nicht schafft, ein Paket mit yum zu installieren und eine Zeile in der Postfix Konfiguration zu ändern, muß halt leiden.
with all the votes its clear that this FREE anti-virus is needed!
Ronald van Helden commented
I would really like to have an free opensource option to use with plesk
Why doesn't you use clamav-milter. ? Yes it is offical part of the clamav package. If you build clamav from a source RPM, it creates iIRC 3 binary RPMs, one of them is clamav-milter
You should find a clamav-milter .RPM or .deb for your OS
I'm admin on a plesk 17.0 /Centos 6 Server. There is clamav-milter running in Addition to Plesk PA ( without key ). Runs fine with postfix, is free and because the usual clamd is used, your Extended signatures should work.
You have to install clamav-milter, clamd and freshclam and setup them. modify one single line in postfix config and as long you don't change the mailer from postfix to qmail and back or add/remove outgoing spam protection extention ( you have to pay for ) Plesk doesn't touch this line anymore, i think.
BTW: there exists a some years old solution ( http://heirich.eu/drupal-7/clamav-plesk ) for clamav using within Plesk 10 and qmail using a mailhandler written in perl. however because the mailhandler Interface is still unchanged up to date and they don't differ between postfix and qmail this old solution should still work . Not sure, because i've gone to clamav-milter and does not need this solution anymore, since some years. Checking the same mail twice using the same av-scanner is senseless.
Kaspersky and Plesk Premium Antivirus costs nearly twice as the whole vServer incl. Plesk per month - horrible expensive. Why there is no open source solution as ClamAV for the users by default. The most people could not buy this expensive license for this buildin Antivirus extensions and so they take nothing to secure the mail traffic - and the whole Plesk is not secure anymore! Is this in accordance with your wishes?
Please give us the possibility to use a free Antivirus solution like ClamAV (which is normally the default for webservers) to secure it or give us an AV license which is in appropriate relation to the Plesk license, f.e. the current monthy fee would be the yearly fee. Or change it to use 14 (or 10, or 8) E-Mail-Addresses per abonnement for free with the buildin Plesk PA - not 14 per Server, everything else is completely pointless if users can not decide for a free one.
Maybe someone from the plesk team read this - but I think not. Nothing happens in the last 2 years...
Why aren't those feature build into Plesk on default?
If one would start using an extension who guarantees that this extension will be supported and work properly in future releases, this would require again that the extension gets fixed once there is another Plesk upgrade.
Please think about adding some of those features as buildinto Plesk on default. They add great value. :)
Kingsley Felix commented
Open discussion since 2013? once Cpanel implement nginx am moving there.
ClamAV is FREE and the Premium Extensions are not CHEAP ;-)
I would go for somae Extensions, but for my VPS Server it would be to expensive!
Maybe you rethink the price or build a package with nice Extensions running 12 Months with effortable even for small customers ;)
The feature request was opened mid 2013. Four years later we have still two commercial antivirus extensions which are (more than) expensive in comparison to the plesk license itself... and in addition (to make it more expensive) its restricted to mail scanning and a max. of mailboxes.
As I understand plesk/onyx it is a management software for resellers etc. to simplify the administration of an existing server infrastructure using standard components. Standards on Linux are spamassasin, clamav,, amavis etc.
Security means hardening a server, avoid intrusion, integrity, availability, no viruses (in mails and files), rootkit detection.
So in the standard configuration plesk is neither using a) system standards which are widely adopted and supported, b) doesn't have any virus protection. ok you could install mentions packages for yourself ... but why i should use plesk anymore if the system is not fully supported by plesk?
conclusion: simply say we dont want to support free software, because we want to force you to pay for sub licensed third party software...
to sell a server solution which makes the net insecure by not supporting free available standards like outbound spam protection and virus scanners stands for itself. but dont use the word "secure" on your website anymore...
If this feature is not made available I am planning on moving back to cPanel - it is a MAJOR deficiency in Plesk - ClamAV needs to be added ASAP -i.e. now. Your product is not secure as currently delivered.
This is now available as part of the Warden Anti-Spam & Virus Protection Plesk Extension: https://www.danami.com/products/plesk-extensions/warden-antispam-and-virus-protection
We run Moodle installations and need ClamAV for Moodle's virus checking with every file upload.