ISPProtect Malware Scanner 1.12 released

The ISPProtect Malware Scanner 1.12 has been released today. This release adds a new whitelisting feature and an option to ignore specific types of malware.

What is ISPProtect?

ISPProtect is a Malware and Antivirus scanner for web servers. It contains a signature based scan engine and a heuristic scan engine to detect Malware in websites, CMS- and shop systems like WordPress, Joomla, Drupal, Magentocommerce etc. A third scan level in ISPProtect detects outdated installations of e. g. WordPress, Joomla, Drupal, … and shows their location on the web server. ISPProtect is developed by the ISPConfig developer team.

Try ISPProtect for free

Try ISPProtect for free on your server now, no registration required. Just download it and start the scan, enter the word „trial“ when the scanner asks for the license key.

cd /tmp
wget http://www.ispprotect.com/download/ispp_scan.tar.gz
tar xzf ispp_scan.tar.gz
./ispp_scan

The new ISPProtect features explained

Local whitelisting

ISPProtect allows you to create a local whitelist. You can add a file to the whitelist by calling

ispp_scan --whitelist=/path/to/your/file.php

With this, a md5 hash of the file is added to the whitelist so every other file with the same content is excluded from further hits.

By default, the whitelist is stored in ~/.ispp_scan.whitelist

You can change this path by adding the whitelist-path argument:

ispp_scan --whitelist-path=/home/user/.ispprotect.wl --whitelist=/path/to/your/file.php

You can use the whitelist-path argument on your scans to use the custom whitelist location on your scan runs.

Ignoring malware types

You can ignore specific malware types by using the ignore argument, e. g.:

ispp_scan --ignore={ISPP}suspect.eval.base64

This would ignore all malware named {ISPP}suspect.eval.base64 (not recommended, of course). You can use this argument multiple times to ignore more than one malware type.

Please visit https://ispprotect.com/ for more information on ISPProtect.