Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    ClamAV installation that scans the local storage for malware and notifies the admin

    Feature Requests
    clamav
    10
    19
    707
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      msbt App Dev last edited by girish

      Today I had two compromised WordPress installations (one on Cloudron, one on an external webhoster). The webhoster sent me an email with the infected files and asked for removal. Would be a nice addition to cloudron if it scanned the files of certain apps for malware and notifies the admin.

      Any thoughts on that?

      Best regards

      murgero 1 Reply Last reply Reply Quote 5
      • murgero
        murgero App Dev @msbt last edited by

        @msbt said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:

        Today I had two compromised WordPress installations (one on Cloudron, one on an external webhoster). The webhoster sent me an email with the infected files and asked for removal. Would be a nice addition to cloudron if it scanned the files of certain apps for malware and notifies the admin.

        Any thoughts on that?

        Best regards

        I agree, but change "certain apps" to "all apps"

        --
        https://urgero.org
        ~ Professional Nerd. Freelance Programmer. ~
        Matrix: @murgero:urgero.org

        1 Reply Last reply Reply Quote 1
        • girish
          girish Staff last edited by

          I like the idea. I guess a periodic scan of the files in application's data directory is all we need to do? Since code is read-only anyway.

          murgero M 2 Replies Last reply Reply Quote 6
          • jdaviescoates
            jdaviescoates last edited by

            @msbt in the meantime install WordFence (if you haven't already)? Does a really great job of blocking and detecting most stuff.

            I use Cloudron with Gandi & Hetzner

            M W 2 Replies Last reply Reply Quote 2
            • murgero
              murgero App Dev @girish last edited by

              @girish Sounds about right to me.

              --
              https://urgero.org
              ~ Professional Nerd. Freelance Programmer. ~
              Matrix: @murgero:urgero.org

              1 Reply Last reply Reply Quote 1
              • M
                msbt App Dev @jdaviescoates last edited by

                @jdaviescoates said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:

                @msbt in the meantime install WordFence (if you haven't already)? Does a really great job of blocking and detecting most stuff.

                thanks for the suggestion, but I tried that, doesn't work with the wordpress app because it can't write into the root directory

                jdaviescoates 1 Reply Last reply Reply Quote 2
                • M
                  msbt App Dev @girish last edited by

                  @girish said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:

                  I like the idea. I guess a periodic scan of the files in application's data directory is all we need to do? Since code is read-only anyway.

                  that's what I'm thinking, yea 😄 maybe a daily scan before/after backups might be good

                  1 Reply Last reply Reply Quote 3
                  • W
                    will @jdaviescoates last edited by

                    @jdaviescoates Wordfence is great, I've used it professionally

                    1 Reply Last reply Reply Quote 1
                    • Lonkle
                      Lonkle last edited by

                      Did this end up as a feature or still just in the idea phase?

                      1 Reply Last reply Reply Quote 1
                      • nebulon
                        nebulon Staff last edited by

                        Nothing has been implemented yet as far as I am aware of. However it is still a nice idea and we should consider it in the future.

                        1 Reply Last reply Reply Quote 2
                        • jdaviescoates
                          jdaviescoates @msbt last edited by

                          @msbt said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:

                          thanks for the suggestion, but I tried that, doesn't work with the wordpress app because it can't write into the root directory

                          That is true of the WordPress (Managed) app on Cloudron, yeah.

                          TBH I'm increasingly wondering what the point of the WordPress (Managed) app is. The only pro seems to be locked down core WordPress files. As far as I can tell you still have to keep plugins and themes updated manaully anyway (and that's there security holes are more likely to be). But with WordPress security updates now automated anyway, and with Wordfence installed the WordPress core files (and the rest) are pretty locked down anyway. And there loads of pros for the WordPress (Unmanaged) app: LDAP integration, SFTP access, ability to install plugins like Wordfence. Probably more I've missed too.

                          Think I'll copy this into a thread in WordPress (Managed)... 🙂

                          I use Cloudron with Gandi & Hetzner

                          1 Reply Last reply Reply Quote 1
                          • M
                            msbt App Dev last edited by

                            @jdaviescoates said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:

                            That is true of the WordPress (Managed) app on Cloudron, yeah.

                            I might have missed a part there, you can install and use wordfence, it just lacks some functionality I believe.

                            jdaviescoates 1 Reply Last reply Reply Quote 0
                            • jdaviescoates
                              jdaviescoates @msbt last edited by

                              @msbt said in Feature Request: (Optional) ClamAV installation that scans the local storage for malware and notifies the admin:

                              I might have missed a part there, you can install and use wordfence, it just lacks some functionality I believe.

                              Yeah, you can't set-up the firewall, which one of it's primary and imho most important features.

                              I use Cloudron with Gandi & Hetzner

                              1 Reply Last reply Reply Quote 0
                              • robi
                                robi last edited by

                                The firewall in WP Cerber works just fine in WP Managed.

                                It auto blocks and bans IPs and subnets based on your settings. Really useful.

                                Life of Advanced Technology

                                1 Reply Last reply Reply Quote 1
                                • robi
                                  robi last edited by

                                  Another thought, if anyone is interested in contacting the Wordfence devs to see if they can modify their plugin a bit so it works in WP (Managed), we could have the best of both worlds.

                                  Life of Advanced Technology

                                  Lonkle 1 Reply Last reply Reply Quote 1
                                  • Lonkle
                                    Lonkle @robi last edited by

                                    @robi I have no used Wordpfence but my guess is the plug-in edits the wp-config.php and maybe edits the .htaccess file. Is that why it’s not supported?

                                    If so, it’d be a matter of it removing that part of its protection.

                                    Tbh, I could probably do it myself with a plug-in. Hook in the right area or overwrite a function to bypass those incompatible security features (which may not even be needed in a read-only environment anyway). If there’s enough support for Wordpress on Managed then I can look into this?

                                    robi 1 Reply Last reply Reply Quote 0
                                    • robi
                                      robi @Lonkle last edited by

                                      @Lonk .htaccess modification works fine, as WP Cerber does it.

                                      Life of Advanced Technology

                                      1 Reply Last reply Reply Quote 0
                                      • T
                                        tamayers last edited by

                                        Would be nice to have ClamAV available as an app for custom installations/API use. Looks like there is a docker image now:

                                        https://hub.docker.com/r/mkodockx/docker-clamav/

                                        A 1 Reply Last reply Reply Quote 3
                                        • A
                                          ApplegateR @tamayers last edited by

                                          @tamayers yes this should be nice to set scan just only for where is write and read file. Not docker configure.

                                          Richard Applegate
                                          Anthem Coffee and Tea
                                          The Joint Chiropractic
                                          IT/Administrator Server/Network

                                          1 Reply Last reply Reply Quote 1
                                          • First post
                                            Last post
                                          Powered by NodeBB