HOWTO: ProFTPD Antivirus using CLAMAV

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
Sorry, I didn't realize you meant this same thred.

I've never used this method so my reply is rather generic. Perhaps other people will have a more specific reply.

But what you need to do is first make whatever changes are necessary to the ProFTPd configuration to call ClamAV, and then secondly you should shut down ClamAV, set it so it won't restart, and then optionally remove it from your server.

If you're still going to use it for email, but not for FTP, then you should of course only remove the links in the ProFTPd configuration, but leave ClamAV alone.

Hopefully someone else will respond in greater detail.

Jeff
 

vaarsn

New member
Joined
Aug 28, 2014
Messages
2
I tried to compile mod_clamav with my currently installed rpm version of ProFTPd via prxs -c -i -d mod_clamav.c. Everything is ok and I can see mod_clamav listed:

Code:
root@newsr [/usr/src]# proftpd -vv
ProFTPD Version: 1.3.5 (stable)
  Scoreboard Version: 01040003
  Built: Tue May 20 2014 14:13:47 CDT

Loaded modules:
  mod_clamav.c
  mod_cap/1.1
  mod_sftp/0.9.9
  mod_wrap/1.2.4
  mod_tls/2.6
  mod_auth_pam/1.2
But it doesn't work for me for some reason. In proftpd debug console I see nothing strange, but I see to virus checking as well. I'm using 0.10 version of mod. IAs I know there is exists the newer version of it. Can somebody provide me with its latest version?

Thanks
 

smilovsky

New member
Joined
Apr 13, 2012
Messages
2
build proftpd with clamav custombuild2

Hello,
I install clamav with custom build 2 and I find that the files are configured clamav but does not detect the infected files downloaded by ftp
Here is my config


Code:
#FTP Settings
#ftpd=pureftpd
ftpd=proftpd
#Statistics Settings
awstats=no
webalizer=yes

#CustomBuild Settings
custombuild=2.0
autover=no
bold=yes
clean=yes
cleanapache=yes
clean_old_tarballs=yes
clean_old_webapps=yes
downloadserver=files.directadmin.com

Code:
proftpd -vv
ProFTPD Version: 1.3.5b (maint)
  Scoreboard Version: 01040003
  Built: Thu Oct 27 2016 16:20:59 CET

Loaded modules:
  mod_lang/1.0
  mod_cap/1.1
  mod_sftp/0.9.9
  mod_tls/2.6
  mod_readme/1.0
  mod_ratio/3.3
  mod_ident/1.0
  mod_facts/0.4
  mod_delay/0.7
  mod_site.c
  mod_log.c
  mod_ls.c
  mod_auth.c
  mod_auth_file/1.0
  mod_auth_unix.c
  mod_rlimit/1.0
  mod_xfer.c
  mod_core.c
in fact I can not find the module mod_clamav.c
is it normal ?
 

SeLLeRoNe

Super Moderator
Joined
Oct 9, 2004
Messages
6,794
Location
A Coruña, Spain
You may want to manage proftpd and clamav with CB (v2.0), with that you can use this option:
proftpd_uploadscan=yes

This should do every needed step to enable the scan on file uploaded using proftpd.

Best regards
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
14,255
Location
GMT +7.00
The mod_clamav is not built-in proftpd at least by default from custombuild 2.x, it is loaded on run-time.
You need to build proftpd with "mod_dso". For this make sure, you've got:
Code:
--enable-dso
in /usr/local/directadmin/custombuild/custom/proftpd/configure.proftpd or
in /usr/local/directadmin/custombuild/configure/proftpd/configure.proftpd (if custom version does not exist).
 
Top