ClamAV installation that scans the local storage for malware and notifies the admin
-
@msbt in the meantime install WordFence (if you haven't already)? Does a really great job of blocking and detecting most stuff.
-
I like the idea. I guess a periodic scan of the files in application's data directory is all we need to do? Since code is read-only anyway.
-
@msbt in the meantime install WordFence (if you haven't already)? Does a really great job of blocking and detecting most stuff.
@jdaviescoates said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:
@msbt in the meantime install WordFence (if you haven't already)? Does a really great job of blocking and detecting most stuff.
thanks for the suggestion, but I tried that, doesn't work with the wordpress app because it can't write into the root directory
-
I like the idea. I guess a periodic scan of the files in application's data directory is all we need to do? Since code is read-only anyway.
@girish said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:
I like the idea. I guess a periodic scan of the files in application's data directory is all we need to do? Since code is read-only anyway.
that's what I'm thinking, yea
maybe a daily scan before/after backups might be good -
@msbt in the meantime install WordFence (if you haven't already)? Does a really great job of blocking and detecting most stuff.
@jdaviescoates Wordfence is great, I've used it professionally
-
@jdaviescoates said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:
@msbt in the meantime install WordFence (if you haven't already)? Does a really great job of blocking and detecting most stuff.
thanks for the suggestion, but I tried that, doesn't work with the wordpress app because it can't write into the root directory
@msbt said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:
thanks for the suggestion, but I tried that, doesn't work with the wordpress app because it can't write into the root directory
That is true of the WordPress (Managed) app on Cloudron, yeah.
TBH I'm increasingly wondering what the point of the WordPress (Managed) app is. The only pro seems to be locked down core WordPress files. As far as I can tell you still have to keep plugins and themes updated manaully anyway (and that's there security holes are more likely to be). But with WordPress security updates now automated anyway, and with Wordfence installed the WordPress core files (and the rest) are pretty locked down anyway. And there loads of pros for the WordPress (Unmanaged) app: LDAP integration, SFTP access, ability to install plugins like Wordfence. Probably more I've missed too.
Think I'll copy this into a thread in WordPress (Managed)...
-
@jdaviescoates said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:
That is true of the WordPress (Managed) app on Cloudron, yeah.
I might have missed a part there, you can install and use wordfence, it just lacks some functionality I believe.
-
@jdaviescoates said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:
That is true of the WordPress (Managed) app on Cloudron, yeah.
I might have missed a part there, you can install and use wordfence, it just lacks some functionality I believe.
@msbt said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:
I might have missed a part there, you can install and use wordfence, it just lacks some functionality I believe.
Yeah, you can't set-up the firewall, which one of it's primary and imho most important features.
-
Another thought, if anyone is interested in contacting the Wordfence devs to see if they can modify their plugin a bit so it works in WP (Managed), we could have the best of both worlds.
@robi I have no used Wordpfence but my guess is the plug-in edits the wp-config.php and maybe edits the .htaccess file. Is that why it’s not supported?
If so, it’d be a matter of it removing that part of its protection.
Tbh, I could probably do it myself with a plug-in. Hook in the right area or overwrite a function to bypass those incompatible security features (which may not even be needed in a read-only environment anyway). If there’s enough support for Wordpress on Managed then I can look into this?
-
@robi I have no used Wordpfence but my guess is the plug-in edits the wp-config.php and maybe edits the .htaccess file. Is that why it’s not supported?
If so, it’d be a matter of it removing that part of its protection.
Tbh, I could probably do it myself with a plug-in. Hook in the right area or overwrite a function to bypass those incompatible security features (which may not even be needed in a read-only environment anyway). If there’s enough support for Wordpress on Managed then I can look into this?
-
Would be nice to have ClamAV available as an app for custom installations/API use. Looks like there is a docker image now:
-
Would be nice to have ClamAV available as an app for custom installations/API use. Looks like there is a docker image now:
@tamayers yes this should be nice to set scan just only for where is write and read file. Not docker configure.
-
G girish referenced this topic on
-
M msbt referenced this topic on
