ABHIONLINUX
Site useful for linux administration and web hosting

2012/05/04

Virus scan in ftp uploaded files using pureftpd in cpanel



Following are the steps that needs to be followed to scan the ftp uploading files for virus in pureftpd

As a first step, you have to installed clamav in the server.
You can install it from whm
clicking on : Cpanel —> Manage Plugins —> on clamavconnector
Check the “Install and Keep Updated” and then save it

Once clamav has been installed, you need to modify the ftp conf at /etc/pure-ftpd.conf

Make the changes as given below.

CallUploadScript yes

Next step is to create a bash script to scan the uploading files using clamav


#!/bin/bash
#Maximum file size to scan in bytes that's set to 15MB
MAXSIZE=15485230
if [ "$UPLOAD_SIZE" -le "$MAXSIZE" ]; then
    /usr/bin/clamdscan  --remove --quiet --no-summary "$1"
fi

Make the file executable,
chmod 755 /etc/pure-ftpd/clamav_check.sh

Now you will have to start the pure-uploadscript to run our script every time when a file is uploaded. You can do this by the following command.

/usr/sbin/pure-uploadscript -B -r /etc/pure-ftpd/clamav_check.sh
 -B     Daemonize the process and fork it in background.
 -r  
              Tell what program/script to run. It has to be an absolute filename, the PATH environment variable is ignored.

Thats it. Now all the files uploaded using ftp will be scanned for virus. Now what we need is to start this script when the server is rebooted. ie you need to add the script in rc.local

echo "/usr/sbin/pure-uploadscript -B -r  /etc/pure-ftpd/clamav_check.sh" >> /etc/rc.d/rc.local

Now you can restarted ftp service.
service pure-ftpd restart