From 396cbc6a26621f6b6e6c6971826909c4fde9e3df Mon Sep 17 00:00:00 2001 From: myvesta <38690722+myvesta@users.noreply.github.com> Date: Sat, 13 Jun 2020 00:14:57 +0200 Subject: [PATCH] Blocking executable files inside archives in ClamAV [installer] --- install/vst-install-debian.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index b4d44207..a6c824ce 100755 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -1233,6 +1233,13 @@ if [ "$clamd" = 'yes' ]; then sed -i "s|\[Service\]|[Service]\n$exec_pre1\n$exec_pre2|g" /lib/systemd/system/clamav-daemon.service systemctl daemon-reload fi + clamavfolder="/var/lib/clamav" + if [ -d "$clamavfolder" ]; then + echo "=== Blocking executable files inside zip/rar/tar archives in ClamAV" + wget -nv -O $clamavfolder/foxhole_all.cdb http://c.myvestacp.com/tools/clamav/foxhole_all.cdb + chown clamav:clamav $clamavfolder/foxhole_all.cdb + service clamav-daemon restart + fi service clamav-daemon start check_result $? "clamav-daeom start failed" fi @@ -1600,6 +1607,9 @@ touch /usr/local/vesta/data/upgrades/allow-backup-anytime touch /usr/local/vesta/data/upgrades/fix-sudoers touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2 touch /usr/local/vesta/data/upgrades/keeping-mpm-event +touch /usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates +touch /usr/local/vesta/data/upgrades/clamav_block_exe_in_archives +touch /usr/local/vesta/data/upgrades/clearing-letsencrypt-pipe # Secret URL secretquery='' @@ -1628,7 +1638,7 @@ echo "================================================================" crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab - #----------------------------------------------------------# -# Vesta Access Info # +# myVesta Access Info # #----------------------------------------------------------# # Sending notification to admin email