BuycPanel Blog

BuycPanel Blog

Latest news and updates

2/19/2015 – Does cPanel & WHM Include Anti-Virus Protection?

Posted by Jamison on 19 02 2015.

cPanel is essentially a simplified interface for hosting a website. Clients and end users are often given or buy cPanel so they don’t have to continually engage the services of an IT and web expert to keep their website running. The developing team for the website can essentially set you up with a better user interface that lets you control most of the functions and capabilities of your website without needing to open the command console.

 

Along with your cPanel license, you also get built-in anti-virus through ClamAV. While you may think that this is a great value, some users find that their website still experiences attacks and is vulnerable to threats even with ClamAV.

 

Craxyboutlinux posted on the cPanel forums:

 

Please don’t suggest me ClamAV its really poor, recently our client’s website got Hacked by the hackers & i scanned that website to check how many pages are infected, but ClamAV says website is OK

 

Still, ClamAV does handle some threats, if not all. To make sure that you have ClamAV installed to offer some initial virus protection, here are the steps:

 

ClamAV Scanner configuration

 

To configure ClamAV Scanner:

 

  1. Select the services that you wish to scan.
    • Scan Entire Home Directory — Scans the home directory on your server.
    • Scan Mail — Scans all mail folders on your server.
    • Scan Public FTP Space — Scans all folders that are publicly accessible through FTP services.
    • Scan Public Web Space — Scans all folders that are publicly accessible through the web.
  2. Click Save.

 

Here’s how to configure ClamAV scanner for configured users:

 

If you wish to override the ClamAV Scanner configuration for specific users, click User Configuration. The User Configuration interface also allows you to set override defaults for all configured users.

 

Add or remove configured users

 

Before you can configure a user’s ClamAV Scanner settings, that user must appear on the Configured Users menu.

 

To add a user to the Configured Users menu:

 

  1. Select the desired user from the User List menu.
  2. Click Add.
    • If you wish to add all of the users that are on the User List menu to the Configured Users menu, click Add All.

 

To remove a user from the Configured Users menu:

 

  1. Select the desired user from the Configured Users menu.
  2. Click Remove.

 

ClamAV and Malware

 

Keep in mind that just like any other anti-virus protection software, ClamAV has its limitations. Sometimes, other software can be added to cover all your bases. When it comes to malware, here’s what the experts have to say:

 

Malware uploads happen to the server through two main vulnerabilities:

 

1. Account password disclosure
2. Vulnerable applications in websites

 

Malware uploads through account password disclosure can be prevented using CXS (augmented by ClamAV unofficial signatures + LMD signatures).

 

Malware uploads through vulnerable applications can be prevented using mod_security (with signatures from ASL Lite).