Configure Acunetix to enable Malware Scan

Acunetix can work in conjunction with AntiVirus engines to check for malware on your site. The default engine used is the Windows Defender AntiVirus service where it is available (such as Windows 8 and Windows 10). As an alternative, Acunetix can also interface with ClamAV, a popular open source antivirus product.

Windows 8 and Above

Windows 8 and above include the Windows Defender AntiVirus engine, which is the default (and recommended) engine. No further installation or configuration is needed in this scenario.

Install and Configure ClamAV for Windows 7

To enable Malware Scanning with an Acunetix installation on Windows 7, you will first need to install ClamAV. To achieve this:

  • You may need to bring your windows installation up to date via Windows Update before being able to successfully install this.
  • Configure your ClamAV installation:
  • From the folder "C:\Program Files\ClamAV\conf_examples", copy these 2 files:
  • clamd.conf.sample
  • freshclam.conf.sample
  • ...into the folder "C:\Program Files\ClamAV", and rename them to:
  • clamd.conf
  • freshclam.conf
  • each of these 2 files contains a line with just the word "Example" - use Wordpad to remove this line from both files
  • from the command line as Administrator, run C:\Program Files\ClamAV\freshclam.exe to get the latest signature database
  • Start up ClamAV - from the command line, run C:\Program Files\ClamAV\clamd.exe; leave it running for Acunetix to be able to check for malware.

Install and Configure ClamAV for MacOS

To enable Malware Scanning with an Acunetix installation on MacOS, you will first need to install ClamAV. Since there is no native MacOS build for ClamAV, we need to first install a mechanism to package ClamAV for installation onto MacOS. We will use MacPorts for this procedure.

Install MacPorts and PreRequisites

  • Install Xcode from the Mac App Store:
  • Launch the Mac App Store by clicking the "App Store" menu item from the Apple () menu

  • Insert "xcode" in the search field, identify the "Xcode" application, and click the "Get" button; confirm by clicking on the "Install" button.
  • Install Xcode command line tools:
  • Launch a Terminal, and run the command:

xcode-select --install

  • This will present a confirmation dialog:

  • Click on the "Install" button

  • In the License Agreement dialog, click the "Agree" button

  • Wait for the software to download and install automatically; click on the "Done" button to finish the installation.
  • Accept the Xcode license; run the following command:

sudo xcodebuild -license

  • Install MacPorts:
  • Download the installation package for your MacOS:

  • Double-click on the downloaded installation file — keep all settings at their default values and simply click on the "Continue" buttons as necessary until the installation is completed, and click on "Close" in the final dialog.
  • The installer will have updated some environment variables in your MacOS installation, so you will need to close your Terminal for these new values to kick in.
  • Open a new Terminal and run the following commands to bring your MacPorts installation up to date:

sudo port selfupdate

sudo port upgrade outdated

Install ClamAV using MacPorts

  • From the Terminal, run the following command:

sudo port install clamav

  • This will display a list of dependencies which will be required for the installation; accept this list to continue
  • To configure the ClamAV configuration, you will need to edit the following:

/opt/local/etc/clamd.conf

/opt/local/etc/freshclam.conf

  • If the files do not exist, create them; now:
  • Edit "/opt/local/etc/clamd.conf" to have the following content:

LogFile /opt/local/var/log/clamav/clamd.log

PidFile /opt/local/var/run/clamav/clamd.pid

LocalSocket /opt/local/var/run/clamav/clamd.socket

TCPSocket 3310

TCPAddr 127.0.0.1

Foreground yes

  • Edit "/opt/local/etc/freshclam.conf" to have the following content:

UpdateLogFile /opt/local/var/log/clamav/freshclam.log

PidFile /opt/local/var/run/clamav/freshclam.pid

NotifyClamd /opt/local/etc/clamd.conf

DatabaseMirror database.clamav.net

  • Make sure that the following folders exist, and create them if necessary:

/opt/local/var/log

/opt/local/var/log/clamav

/opt/local/var/run

/opt/local/var/run/clamav

  • Make sure that the following files exist, and create them as empty text files if necessary:

/opt/local/var/log/clamav/clamd.log

/opt/local/var/log/clamav/freshclam.log

  • Make sure that the log files have the correct permissions; run the following Terminal commands:

sudo chown clamav:clamav /opt/local/var/log/clamav/clamd.log

sudo chown clamav:clamav /opt/local/var/log/clamav/freshclam.log

  • Create a working directory for ClamAV with appropriate permissions with the following Terminal commands:

sudo mkdir -p /opt/local/share/clamav

sudo chown clamav:clamav /opt/local/share/clamav

  • Get the first set of Virus Definitions with the following Terminal command:

sudo freshclam -v

  • Create PLIST files for MacOS to automatically run the necessary ClamAV services.
  • Run the Terminal command:

sudo nano /Library/LaunchDaemons/org.macports.clamd.plist

  • Insert the following contents into the file and save it:

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

<plist version="1.0">

<dict>

        <key>GroupName</key>

        <string>_clamav</string>

        <key>KeepAlive</key>

        <true/>

        <key>Label</key>

        <string>org.macports.clamd</string>

        <key>OnDemand</key>

        <true/>

        <key>ProgramArguments</key>

        <array>

                <string>/opt/local/sbin/clamd</string>

        </array>

        <key>RunAtLoad</key>

        <true/>

        <key>UserName</key>

        <string>root</string>

</dict>

</plist>

  • Run the Terminal command:

sudo nano /Library/LaunchDaemons/org.macports.freshclam.plist

  • Insert the following contents into the file and save it:

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

<plist version="1.0">

<dict>

        <key>GroupName</key>

        <string>_clamav</string>

        <key>Label</key>

        <string>org.macports.freshclam</string>

        <key>ProgramArguments</key>

        <array>

                <string>/opt/local/bin/freshclam</string>

        </array>

        <key>StartInterval</key>

        <integer>21600</integer>

        <key>UserName</key>

        <string>_clamav</string>

</dict>

</plist>

  • Launch the newly-created PLIST files; run the Terminal commands:

sudo launchctl load -w /Library/LaunchDaemons/org.macports.clamd.plist

sudo launchctl load -w /Library/LaunchDaemons/org.macports.freshclam.plist

Install and Configure ClamAV for Ubuntu & Kali

To enable Malware Scanning with an Acunetix installation on Ubuntu (tested with version 18.04.3 LTS) or Kali (tested with version 2020.1), you will first need to install ClamAV. To achieve this:

  • Install ClamAV by running the following commands:
  • sudo apt update
  • sudo apt upgrade
  • sudo apt install clamav clamav-daemon
  • Adjust the ClamAV configuration by adding the following lines to /etc/clamav/clamd.conf:

TCPSocket 3310

TCPAddr 127.0.0.1

  • Enable and restart the ClamAV service with:
  • sudo systemctl enable clamav-daemon
  • sudo systemctl restart clamav-daemon

Install and Configure ClamAV for Suse Linux Enterprise Server & OpenSUSE Leap

To enable Malware Scanning with an Acunetix installation on Suse Linux Enterprise Server (tested with version 15 SP1) or OpenSUSE Leap (tested with version 15.1), you will first need to install ClamAV. To achieve this:

  • Install ClamAV by running the following commands:
  • sudo zypper update
  • sudo zypper -n install clamav
  • sudo systemctl enable clamd
  • Download the latest virus definitions:
  • sudo freshclam
  • Start the ClamAV service
  • sudo systemctl start clamd

Install and Configure ClamAV for CentOS & Red Hat (SELinux Disabled)

To enable Malware Scanning with an Acunetix installation on CentOS (tested with version 8.1), you will first need to install ClamAV. To achieve this:

  • Install ClamAV by running the following commands:
  • sudo dnf update
  • sudo dnf install epel-release
  • sudo dnf install clamd clamav clamav-filesystem clamav-lib clamav-data clamav-update
  • Adjust the ClamAV configuration by adding the following lines to /etc/clamav/scan.conf:

TCPSocket 3310

TCPAddr 127.0.0.1

  • Start the ClamAV Updates and AntiVirus Services
  • sudo systemctl enable clamav-freshclam
  • sudo systemctl start clamav-freshclam
  • sudo systemctl enable clamd@scan
  • sudo systemctl start clamd@scan

Performing a Malware Scan

  • Prepare your test website - see the section below entitled "Prepare a test (proof of concept) Website Subfolder".
  • Create an Acunetix Target for the test website and click the "Save" button:

  • You will be taken to the Create Scan page:

  • Click on the "Scan" button
  • Select "Malware Scan" in the "Scan Type" field:

  • Click the "Create Scan" button, and wait for the scan to complete:

  • The scan result will show you that Windows Defender or ClamAV was used for malware scanning, and will show a "Malware identified" alert if malware is found.

Prepare a test (proof of concept) Website Subfolder

In this example we will assume a default installation of Apache on Ubuntu 18.04.3. The test website will be reachable on http://mytestsite/malware/, and this will be our Acunetix Target for testing.

Step 1: Prepare example website. For this single-page example, here are the contents of /var/www/html/malware/index.html:

<html>

  <head></head>

  <body>

    <h2>Testing Malware Scan"</h2><br />

    <a href="./eicar.com.txt">Test file: eicar.com.txt</a><br />

  </body>

</html>

Step 2: Add the standard "eicar.com.txt" test malware file to /var/www/html/malware/. You can obtain this from here: http://www.eicar.org/download/eicar.com.txt

« Back to the Acunetix Support Page