Configure Acunetix to enable Malware Scan

Acunetix can work in conjunction with AntiVirus engines to check for malware on your site. The default engine used is the Windows Defender AntiVirus service where it is available (such as Windows 8 and Windows 10). As an alternative, Acunetix can also interface with ClamAV, a popular open source antivirus product.

Windows 8 and Above

Windows 8 and above include the Windows Defender AntiVirus engine, which is the default (and recommended) engine. No further installation or configuration is needed in this scenario.

Install and Configure ClamAV for Windows 7

To enable Malware Scanning with an Acunetix installation on Windows 7, you will first need to install ClamAV. To achieve this:

  • You may need to bring your windows installation up to date via Windows Update before being able to successfully install this.
  • Configure your ClamAV installation:
  • From the folder "C:\Program Files\ClamAV\conf_examples", copy these 2 files:
  • clamd.conf.sample
  • freshclam.conf.sample
  • ...into the folder "C:\Program Files\ClamAV", and rename them to:
  • clamd.conf
  • freshclam.conf
  • each of these 2 files contains a line with just the word "Example" - use Wordpad to remove this line from both files
  • from the command line as Administrator, run C:\Program Files\ClamAV\freshclam.exe to get the latest signature database
  • Start up ClamAV - from the command line, run C:\Program Files\ClamAV\clamd.exe; leave it running for Acunetix to be able to check for malware.

Install and Configure ClamAV for Ubuntu & Kali

To enable Malware Scanning with an Acunetix installation on Ubuntu (tested with version 18.04.3 LTS) or Kali (tested with version 2020.1), you will first need to install ClamAV. To achieve this:

  • Install ClamAV by running the following commands:
  • sudo apt update
  • sudo apt upgrade
  • sudo apt install clamav clamav-daemon
  • Adjust the ClamAV configuration by adding the following lines to /etc/clamav/clamd.conf:

TCPSocket 3310

TCPAddr 127.0.0.1

  • Enable and restart the ClamAV service with:
  • sudo systemctl enable clamav-daemon
  • sudo systemctl restart clamav-daemon

Install and Configure ClamAV for Suse Linux Enterprise Server & OpenSUSE Leap

To enable Malware Scanning with an Acunetix installation on Suse Linux Enterprise Server (tested with version 15 SP1) or OpenSUSE Leap (tested with version 15.1), you will first need to install ClamAV. To achieve this:

  • Install ClamAV by running the following commands:
  • sudo zypper update
  • sudo zypper -n install clamav
  • sudo systemctl enable clamd
  • Download the latest virus definitions:
  • sudo freshclam
  • Start the ClamAV service
  • sudo systemctl start clamd

Install and Configure ClamAV for CentOS & Red Hat (SELinux Disabled)

To enable Malware Scanning with an Acunetix installation on CentOS (tested with version 8.1), you will first need to install ClamAV. To achieve this:

  • Install ClamAV by running the following commands:
  • sudo dnf update
  • sudo dnf install epel-release
  • sudo dnf install clamd clamav clamav-filesystem clamav-lib clamav-data clamav-update
  • Adjust the ClamAV configuration by adding the following lines to /etc/clamav/scan.conf:

TCPSocket 3310

TCPAddr 127.0.0.1

  • Start the ClamAV Updates and AntiVirus Services
  • sudo systemctl enable clamav-freshclam
  • sudo systemctl start clamav-freshclam
  • sudo systemctl enable clamd@scan
  • sudo systemctl start clamd@scan

Performing a Malware Scan

  • Prepare your test website - see the section below entitled "Prepare a test (proof of concept) Website Subfolder".
  • Create an Acunetix Target for the test website and click the "Save" button:

  • You will be taken to the Create Scan page:

  • Click on the "Scan" button
  • Select "Malware Scan" in the "Scan Type" field:

  • Click the "Create Scan" button, and wait for the scan to complete:

  • The scan result will show you that Windows Defender or ClamAV was used for malware scanning, and will show a "Malware identified" alert if malware is found.

Prepare a test (proof of concept) Website Subfolder

In this example we will assume a default installation of Apache on Ubuntu 18.04.3. The test website will be reachable on http://mytestsite/malware/, and this will be our Acunetix Target for testing.

Step 1: Prepare example website. For this single-page example, here are the contents of /var/www/html/malware/index.html:

<html>

  <head></head>

  <body>

    <h2>Testing Malware Scan"</h2><br />

    <a href="./eicar.com.txt">Test file: eicar.com.txt</a><br />

  </body>

</html>

Step 2: Add the standard "eicar.com.txt" test malware file to /var/www/html/malware/. You can obtain this from here: http://www.eicar.org/download/eicar.com.txt

« Back to the Acunetix Support Page