Siberian includes some security features:
Note: ClamAV setup is optional, the WAF (Web Application Firewall) will work as expected without it being installed, ClamAV will only add another layer of security to Scan for viruses & trojan in the files that have passed the WAF
ClamAV® is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. It will scan the files uploaded in your Siberian.
To allow Siberian to use ClamAV, you have to install it and do some configurations:
First you have to check if you have an antivirus already installed. (you can’t have 2 antivirus running at the same time on a server, it will generates issues). If clamAV is already installed, you can jump to the configuration file edition part.
To install clamAV from an SSH terminal, run this command:
- For Debian and Ubuntu:
apt install clamav clamav-daemon - For Centos and RHEL:
yum install clamav clamd (If it does not find the packages, run yum install epel-release and repeat the first command.)
Then edit the configuration file:
- in /etc/clamav/clamd.conf add/edit these lines:
LocalSocket /var/run/clamav/clamd.ctl
TCPAddr 127.0.0.1
TCPSocket 3310
- then restart clamAV:
service clamav-daemon start
You will find here a list of all the allowed file extensions. It won’t be possible to upload any file with an extension not listed in this list:
(this is a partial screen, check in your Siberian to see the whole list)
As you can see, any extension listed here can be removed from the list with the delete button.
You can allow some extensions with the following form:
For instance, if you want to add the .txt extension, just type txt then hit the “Add extension” button.
Some extensions are totally forbidden, like php, so you won’t be able to allow them.