@Jake,

Well, your FTP users indeed can upload trojans or malicious code embedded in PDF files and images. But it cannot harm your server security, it will harm their site visitors, who will download those files. So I wonder how is your server impacted with these uploads?

From server security standpoint, server admin shall probably be much more concerned for malicious HTTP uploads (not FTP), which are performed normally via a vulnerability in a hosted site and potentially can take over that site in a hidden manner or can take over a server (only in a combination with some other vulnerability, of course). mod_security shall be good solution against that, when accompanied by quality ruleset (such as the one from AtomicCorp). I don't fully understand how ClamAV is efficient here, given that it is very far from 100% efficiency and regular complete scans would likely cause huge load on a server.

We observed a number of complains on high load from antiviruses scanning servers, but we have no positive data on their efficience. What is your experience about ClamAV file scan?

@Sergey L

Uplaods may contain any number of threats from viruses and trojans to malicious code embedded in images or PDFs. That the ability to scan for these threats is currently missing from plesk has us considering a move back to cPanel.

@Jake

How scan of ftp uploads would improve your server security?

Not only is clamAV free but it has the ability to scan ftp uploads as well, not just emails. This is a huge oversight in plesk server security. Especially with the statement "Plesk is the most effective, flexible and secure web control panel for professional hosting providers and webmasters..." On your homepage.

It's free !! :D

yes and yes again. 1+ Why not @Plesk?

ClamAV is a free anti-virus solution that has never let me down when it comes to viruses, malware and other threats. I use a script to use clamscan on the server as you do not want us to use a free virus scanner. You always keep pushing us to keep paying more and more ...

The products plesk offers, dont scans the webspaces or the server! We prefare on our business machines kaspersky internet-security, but in a webserver the costs to expansive and they scan only the mail accounts and not the complete webspace or server! ClamAV brings many features for scan the whole webserver and we have found many times malware with them in client webspaces and this is a gratis software!

what ip00 said. clamav = free . kaspersky and dr.web are too expensive for small business

ClamAV is Free ;) That the Point. The another services costs to many.

It gets expensive paying for multiple Dr.Web or Kaspersky license for small business that have a few small VPS's. ClamAV is proven open source solution that works and not paying for something like that makes us more competitive price wise. Especially when setting up and selling small VPS (2GB RAM) for one client/website use.
Your licensing terms are becoming more and more restrictive. Last thing that was cut is number of domains (Web Pro - 30 domains, was 100 before for same price) so we figured it is better for us to get more VPSs with Web Pro than upgrade to Web Host.

Hello, clamAV can be used for example for scan the website, other control panel (cpanel), permit to customer to do an fully clamav AV scan of website.

Can be an better plugin for plesk. In other if you add clamav+maldet was be an great security feature for plesk and for the end user.

ClamAV is a Free antivirus, provided by the package manager of many Linux OS, and can be compiled using the sources that we can download. This is a good solution and doesn't need much resources.

Well ClamAV is FREE, which is a major feature.

ClamAv in conjunction with maldec https://www.rfxn.com/projects/linux-malware-detect/ help to identify compromised site files. It will be great having this integrated with Plesk.

Description
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. In addition, threat data is also derived from user submissions with the LMD checkout feature and from malware community resources. The signatures that LMD uses are MD5 file hashes and HEX pattern matches, they are also easily exported to any number of detection tools such as ClamAV.

For the most Part,-it's free. The Solutions currently offered are too expensive and have Bad Licensing Models for Small Agencys. Also i feel it's a standard and a must have...

Yeah +1 on this.

Just make sure to configure freshclam to run with cron rather than daemon as that's the real resource hog.
Running freshclam via cron every hour uses next to none from what I have seen on my servers.

Not a good idea, for reasons of low performance and all reasons given by Stéphan S

I am waiting this feature last 3 years. I hope the Plesk Developers confirm soon this feature, because this can be a great new service on Linux Servers.

Really?
Cronjobs to look for virusses?

Mail is filtered in real-time on the way in.

FTP should also be filtered in real-time on the way in, this can be done using Mod_Clamav.
Mod_Clamav only works with the Atomic psa-proftpd since Parallels compiles proftpd without --enable-dso

Incoming threats via HTTP should be scanned realtime using a Web Application Firewall.
Plesk 12 is already compatible here.