We are using CentOS with parallel plesk server for our web application. User can upload their files to server. For security reason I need a anti-virus software scanning on all uploaded files. So please suggest me good solution for me.
Answer
You can install Fabric, then put the following into a .py file:
from fabric.api import *
@hosts('1.2.3.4')
def clamav():
run('sudo yum -y install clamav.x86_64 clamav-db.x86_64 clamd.x86_64')
run('sudo /usr/bin/freshclam')
run('sudo /sbin/chkconfig clamd on')
run('sudo /etc/init.d/clamd restart')
run('wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.4a.tar.bz2')
run('tar jxvf proftpd-1.3.4a.tar.bz2')
run('[ -d /usr/local/proftpd ] || sudo mkdir /usr/local/proftpd')
run('wget https://secure.thrallingpenguin.com/redmine/attachments/download/1/mod_clamav-0.11rc.tar.gz')
run('tar zxvf mod_clamav-0.11rc.tar.gz')
run('cp mod_clamav-0.11rc/mod_clamav.* proftpd-1.3.4a/contrib/')
run('cd proftpd-1.3.4a && patch -p1 < ../mod_clamav-0.11rc/proftpd.patch')
run('cd proftpd-1.3.4a && ./configure --prefix=/usr/local/proftpd --with-modules=mod_ldap:mod_clamav && make && sudo make install')
run('sudo /sbin/chkconfig --add proftpd')
run('sudo /sbin/chkconfig proftpd on')
run('sudo chmod +x /etc/init.d/proftpd')
run('sudo /etc/init.d/proftpd restart')
and install it by running:
$ fab -f /path/to/the/.py/file clamav
UPDATE
Okay, but the user will upload files from browser itself. They are not
using the FTP
Then run clamscan as a daily cron job, something like this:
0 2 * * * clamscan -i -r /var/www/html --move=/home/quanta/viruses --log=/var/log/clamav/scan.log
Attribution
Source : Link , Question Author : Mark Danney , Answer Author : quanta
