Integrate pure-ftpd with clamav
From CPanelDirect
Clamav can work in conjunction with pure-ftpd to not allow virus's to be uploaded. Here are the steps.
First install Clamav. In the example below clamav is installed in /usr/local/bin but your set up may have it in /usr/bin
Contents |
/etc/pure-ftpd.conf
Edit /etc/pure-ftpd.conf and set
CallUploadScript yes
/etc/init.d/pure-ftpd
Patch /etc/init.d/pure-ftpd
Edit /etc/init.d/pure-ftpd
Look for $DAEMONIZE $fullpath /etc/pure-ftpd.conf -O clf:/var/log/xferlog $OPTIONS --daemonize
Under this add
$DAEMONIZE /usr/sbin/pure-uploadscript -B -r /var/run/pure-ftpd/clamscan.sh
Next look for kill $(cat /var/run/pure-ftpd.pid)
Under this add
kill $(cat /var/run/pure-ftpd/pure-uploadscript.pid)
/var/run/pure-ftpd/clamscan.sh
#!/bin/sh
# /usr/local/bin/clamdscan is faster if clamd is running
CLAMLOC='/usr/local/bin/clamscan';
if [ ! -x $CLAMLOC ]; then
echo 'clamscan not found';
exit;
fi
if [ "$1" = "" ]; then
echo 'Variable is blank';
exit;
fi
if [ ! -f "$1" ]; then
echo "$1 file not found"
exit;
fi
# maybe you would prefer --move=/DIRECTORY instead of remove
$CLAMLOC --remove $1
^^^ Chmod to 755 ^^^
The above calles --remove. This will of course delete the file if its detected as a virus. You may want to instead use --move
--move=DIRECTORY
Move infected files into DIRECTORY. Directory must be writable
for the 'clamav' user or unprivileged user running clamscan.
Restart FTP
/etc/init.d/pure-ftpd restart
FreeBSD
On freebsd add
pureftpd_enable="YES" pureftpd_upload_enable="YES" pureftpd_uploadscript="/var/run/pure-ftpd/clamscan.sh"
to /etc/rc.conf, and make sure callupload is set to yes in pure-ftpd.conf.
Testing
Upload the EICAR test file to test if clamav is working
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
