How To Integrate ClamAV Into PureFTPd For Virus Scanning On Debian

This tutorial explains how you can integrate ClamAV into PureFTPd for virus scanning on a Debian Lenny system. In the end, whenever a file gets uploaded through PureFTPd, ClamAV will check the file and delete it if it is malware.

ClamAV can be installed as follows:

aptitude install clamav clamav-daemon

First we create the file /etc/pure-ftpd/conf/CallUploadScript which simply contains the string yes:

echo "yes" > /etc/pure-ftpd/conf/CallUploadScript

Next we create the file /etc/pure-ftpd/clamav_check.sh (which will call /usr/bin/clamdscan whenever a file is uploaded through PureFTPd)

#!/bin/sh
/usr/bin/clamdscan --remove --quiet --no-summary "$1"

and make it executable:

chmod 755 /etc/pure-ftpd/clamav_check.sh

Now we edit /etc/default/pure-ftpd-common and change the UPLOADSCRIPT line as follows:

# UPLOADSCRIPT: if this is set and the daemon is run in standalone mode,
# pure-uploadscript will also be run to spawn the program given below
# for handling uploads. see /usr/share/doc/pure-ftpd/README.gz or
# pure-uploadscript(8)

# example: UPLOADSCRIPT=/usr/local/sbin/uploadhandler.pl
UPLOADSCRIPT=/etc/pure-ftpd/clamav_check.sh

Finally we restart PureFTPd:

/etc/init.d/pure-ftpd-mysql restart

That’s it! Now whenever someone tries to upload malware to your server through PureFTPd, the “bad” file(s) will be silently deleted.

Test it with test malware file

Читайте також:

• Запуск декількох X сесій
• vsftpd /bin/false check_shell=NO pam hack
• Коротко про керування пакетами в Debian
• /usr/bin/ld: cannot find -lstdc++ Debian libreadline5-dev package bug
• Конвертуємо та нарізаємо flac ape файли
• xen ssh login: 'stdin: is not a tty'
• etc snapshots with git
• Nginx: Too Many Open Files Error
• screen в chroot debian linux
• Tahoe-LAFS - P2P файлова система, що дозволяє використовувати "хмару" серверів не довіряючи ним

coded by nessus