Add ClamAV as module in Plesk to protect better the server. Thank you Parallels Team.
Is easy to use.
-
Gustavo Morgado commented
MORE INPUT REQUIRED? I don´t think so.
Plesk really offers 2 High-Quality antivirus, for some bucks $$$. We want 3 high quality antivirus, so, one of them is FREE (Clamav), then we can choose to pay for Karpesky, Dr Webb or stay with free Clamav.
This is the point.
-
Jake commented
+1 Mislav.eu
Very well said, agree 100%.
On a somewhat different note I stumbled across Admin-Ahead Realtime File Upload Scanner 1.0 in the extentions catalog. Apparently they've already taken the time to integrate ClamAV into plesk without any extra setup. They just seem to think it reasonable to charge $4 for something that should be free.@BC (small business owner)
As a small business owner you should know the importance of time management. It takes time and resources to include new software into plesk. This isn't something they can say "Yep it's free, so it's included" Their devs have to not only include the new package but setup the GUI to work with it as well. Plesk (or any admin panel) has certain code that must be added to for every new piece of software included. As Mislav stated, it's much easier for us as system admins to add it manually to our local servers than it is for the Plesk team to add it globally. Justify your responses with reasons what features make ClamAV is better than what is offered as they've requested. -
Mislav.eu commented
The main problem of society today is they want everything as final product without any manual work.
Whatever you will say, in every company there must be a system administrator to take care of things like this. I never payed a penny to plesk for some other products, only the licence and I never had problems with stuff like this (I did, before I learned how to do this) - and I'm using plesk since version 9.
People are paying for jugger firewall, kaspersky antivirus and other solutions provided, which are, don't get me wrong, just fine and they're working, but you can setup everything on your own.
I setup-ed fail2ban on all of our servers even before plesk announced changes coming in plesk 12 and it was working, even apf firewall solution with IP banning (it's still on forums). People were complaining about incremental backups for years - I've also made a script for that - so it is possible - this one is also on forums.
Why paying for some spam solution if you can integrate both clamav/amavis into postfix and that is working just fine in REAL TIME? You can also put addition rules to block different hosts, rules and you can even use different RBL there. How do you think people used different PHP versions under plesk before version 12 and option to just add new version in handler list? Manual way, yes, nothing automatically. In addition to that, clamav can scan command line, right? So you can even setup cronjob to scan emails ONLY (not vhosts) and move infected files to some quarantine folder.
In the end it all comes to this:
- I didn't come here to tell everyone how cool or uncool I am
- I came here to tell sys admins outside there to learn and do your job, otherwise switch to windows platform and do the clicky stuff there or change job
- if you're small company and don't have budget, do it my way and you will learn from this manual setups 500% more then all others, because this is what it takes to be a linux sys administrator (you can always automate things later)
- if you're lazy and have money - purchase the product and hope everything is fine (in the end, you don't know how this work)
- if you're lazy and don't have money - change the job, don't complainYes, I gave 3 votes in the end, because, although it is free, it's very powerful tool as already mentioned and if something is free it doesn't essentially means it's worse product/solution then payed option (also widely used, documented, etc.)
I know it takes time to implement, but just like fail2ban was integrated, clamav should be as well.
I forgot even what to type more, I want voice recorder here so I can just talk and afterwards I just post new comment.
-
BC (small business owner) commented
@Sergey & Jake Why isn't the fact thats its a free AV not a good argument. If thats not an argument u could ask thousands of dollars for one single plesk licence or an antivirus module. We got a bussiness to run. Mine is small, so i need to keep the costs low, to make some profit.
Not only is ClamAv free, its fast, reliable, its widely used, well documentated, known and used by a huge group. Due that de current AV is IMO pretty expensive compared to my monthly costs of a full managementpanel: plesk (im a very small businessuser). Cause of this reason, me and many others with me use ClamAv. Integration with Plesk would save this big group of customers a lot of time. I think cause of this reason its in te top 10 of features requests. Besides, other panels have it, why shouldn't plesk have it?
-
@Jake
Thanks! Very good points
-
Jake commented
Even though ClamAV is free it still requires time and effort for the Plesk team to incorporate it into their panel. The argument that it's free so add it could be applied to about 1000 different things. If you want them to add it then you need to add constructive comments to the post.
-
Anonymous commented
I think ClamAV should be added for the reason that it's free.
-
Jake commented
FTP users are human and fallible even if they can be 100% trusted not to upload malicious content on purpose it can happen by mistake. Also we allow file transfers through our Teamspeak 3 server and I don't think mod_security would scan those files. We don't want to be known for redistributing comprised content.
I've personally never had any load issues with ClamAV but have reached out to a couple others I work with to ask about their experiences. ClamAV supports live scanning of mail, and ftp traffic (via mod_clamav which can be configured to listen on multiple sockets or ports) which would create no noticeable load on most systems HTTP uploads are also supported. Of course full system scans should be run regularly but can be configured to be run in small batches on specific directories one after another rather than the whole system at once.Lloyd Day commented · May 03, 2015 12:04
Just make sure to configure freshclam to run with cron rather than daemon as that's the real resource hog.
Running freshclam via cron every hour uses next to none from what I have seen on my servers. -
@Jake,
Well, your FTP users indeed can upload trojans or malicious code embedded in PDF files and images. But it cannot harm your server security, it will harm their site visitors, who will download those files. So I wonder how is your server impacted with these uploads?
From server security standpoint, server admin shall probably be much more concerned for malicious HTTP uploads (not FTP), which are performed normally via a vulnerability in a hosted site and potentially can take over that site in a hidden manner or can take over a server (only in a combination with some other vulnerability, of course). mod_security shall be good solution against that, when accompanied by quality ruleset (such as the one from AtomicCorp). I don't fully understand how ClamAV is efficient here, given that it is very far from 100% efficiency and regular complete scans would likely cause huge load on a server.
We observed a number of complains on high load from antiviruses scanning servers, but we have no positive data on their efficience. What is your experience about ClamAV file scan?
-
Jake commented
@Sergey L
Uplaods may contain any number of threats from viruses and trojans to malicious code embedded in images or PDFs. That the ability to scan for these threats is currently missing from plesk has us considering a move back to cPanel.
-
@Jake
How scan of ftp uploads would improve your server security?
-
Jake commented
Not only is clamAV free but it has the ability to scan ftp uploads as well, not just emails. This is a huge oversight in plesk server security. Especially with the statement "Plesk is the most effective, flexible and secure web control panel for professional hosting providers and webmasters..." On your homepage.
-
Anonymous commented
It's free !! :D
-
Anonymous commented
yes and yes again. 1+ Why not @Plesk?
-
Anonymous commented
ClamAV is a free anti-virus solution that has never let me down when it comes to viruses, malware and other threats. I use a script to use clamscan on the server as you do not want us to use a free virus scanner. You always keep pushing us to keep paying more and more ...
-
Detlef Bracker commented
The products plesk offers, dont scans the webspaces or the server! We prefare on our business machines kaspersky internet-security, but in a webserver the costs to expansive and they scan only the mail accounts and not the complete webspace or server! ClamAV brings many features for scan the whole webserver and we have found many times malware with them in client webspaces and this is a gratis software!
-
Sven L. commented
what ip00 said. clamav = free . kaspersky and dr.web are too expensive for small business
-
Anonymous commented
ClamAV is Free ;) That the Point. The another services costs to many.
-
ip00 commented
It gets expensive paying for multiple Dr.Web or Kaspersky license for small business that have a few small VPS's. ClamAV is proven open source solution that works and not paying for something like that makes us more competitive price wise. Especially when setting up and selling small VPS (2GB RAM) for one client/website use.
Your licensing terms are becoming more and more restrictive. Last thing that was cut is number of domains (Web Pro - 30 domains, was 100 before for same price) so we figured it is better for us to get more VPSs with Web Pro than upgrade to Web Host. -
VHosting Solution commented
Hello, clamAV can be used for example for scan the website, other control panel (cpanel), permit to customer to do an fully clamav AV scan of website.
Can be an better plugin for plesk. In other if you add clamav+maldet was be an great security feature for plesk and for the end user.