Virusdie is a security tool that helps you clean and protect your websites from malware, spam-bots, etc. (in PHP, JS, HTML files and system files).
Virusdie is supported starting from ISPmanager 5.79.0 .
This article walks you through the steps you need to perform to integrate ISPmanager 5 with the anti-virus system. You can learn more about Virusdie itself here.
IMPORTANT! This plugin will work only if your server has real IP-address. If you are using NAT, this module will not work.
Official website of Virusdie.
Virusdie integration page on ISPmanager website.
You can purchase a plug-in as described in the article.
Note: if you run ISPmanager Business, you need to purchase a license for every web-node.
Navigate to "Integration" ⇾ "Modules" and click the "Install" button.
The configuration form will open automatically. Click "Ок" to install the antivirus system on the server.
During the installation process, your server's IP address will be passed to the billing system, and information about Virusdie key will be updated in the ISPmanager license. After the license key is obtained, ISPmanager will download the installation package of the antivirus system. The archive is uploaded into the /usr/local/vdserver/ directory, the license key is added into the Virusdie /usr/local/vdserver/config.json configuration file (it is used by anti-virus scanner to download updates).
Attention! ISPmanager IP address should match the IP, from which request for VirusDie is sent.
After you have successfully deployed Virusdie on the server, a new module will be available in the interface menu ("Tools" ⇾ "Virusdie"). In the table, you'll see all users on the server. You can grant or deny access to Virusdie settings for users with "On" and "Off" buttons.
In order to configure Virusdie, navigate to "Tools" ⇾ "Virusdie" ⇾ "Virusdie settings", where you can enter a license key, delete Virusdie from the server, and set the limit on the antivirus report size, which will be processed by the control panel (see below).
On this form the administrator can perform the following operations:
The anti-virus scanning can be activated manually by admin or user or will run automatically on a daily basis (every night). Once completed, a new report will be generated. You will be able to view that report in the control panel.
With Virusdie installed on the server, a control panel's administrator will be able to restrict access to Virusdie for his users.
Navigate to "Users" ⇾ "Edit" ⇾ the "Access" tab.
Select the following check boxes:
You can also manage these settings in "Tools" ⇾ "Virusdie".
Administrator and user have different management tools to configure anti-virus scanning.
In order to change the settings, navigate to "Tools" ⇾ "Virusdie" ⇾ "Parameters".
If the anti-virus tool detected an infected file, Virusdie can disinfect it. You can select the following options:
On this form you can also specify the following parameters:
The options set by the administrator selects in this form will be applied when he starts anti-virus scanning manually, or when automatic scanning starts every day. The options set by the user will be applied only for anti-virus checks that the user run manually.
In the "Save reports" field the administrator can set the maximum number of check reports that will be saved for the selected user. If the limit is reached for that user, the oldest report will be deleted before saving a new one.
Administrator and users can select files and directories that won't be checked by the anti-virus tool.
Navigate to "Tools" ⇾ "Virusdie" ⇾ "Exclude"
If the scan.json or stat.json file in the report archive, exceed the size specified in the "Maximum report size" parameter of the Virusdie configuration form, the report won't be uploaded into the control panel, but the report file will be available in the directory (the /virusdie user home directory).
Virusdie database is located on Virusdie servers, and get updated once in 24 hours. Updates will be checked every time the scanning process starts.
The scanning tool doesn't have logs.
If the Virusdie license key is changed, you need to log in to ISPmanager-> Modules-> Virusdie settings, and renew information about your Virusdie license.
Starting from ISPmanager 5 5.85.0 you can take advantage of additional configuration for scheduled anti-virus scanning.
You can set the maximum number of simultaneous checks and priority.
In ISPmanager 5 Lite 5.101.0 and later users can install a trial version of Virusdie.
In order to upgrade to a commercial version, you need to order Virusdie for your ISPmanager.
Clicking Details will redirect you to the above form for conversion.
ISPmanager 5 Lite and ISPmanager 5 Business starting from 5.106.0 can send Virusdie scanning reports
Log in to ISPmanager as admin, navigate to the Virusdie configuration form, and select "email notifications".
Notifications are activated for administrator and every user. To enable notifications for the administrator, select Administrator notifications and enter the following information:
If email notifications were not configured on the server, you will be first redirected to the corresponding form.
Every user who can use Virusdie can set up email notifications that will be sent after anti-virus scanning.
Users who activated notifications will receive reports after every anti-virus scanning.
At a specified period the system will check whether new anti-virus scanning reports are generated for the administrator.
If new reports are generated, the system will group them into a single report containing the information about the number of scanned users and total threats.
To be able to use Virusdie trial, you must have a commercial license for ISPmanager. Virusdie trial cannot be activated for ISPmanager trial.
Starting from version 5.151.0 you can send file suspicious signatures to Virusdie.
Most modern anti-viruses and vulnerability scanners use «syntax» signatures taken directly from the virus file body or network package. To improve the antivirus you can upload files and specify their types as False-negative or False-positive.
If the anti-virus scanning detected the file as a virus, but it is not, you need to select "False-positive".
If the anti-virus scanning detected the file as secure, but it is not, you need to select "False-negative".
Open the Virusdie form as admin or user and click the "Signatures" button to open a list of sent signatures.
To send a file for the check, click the "Upload" button.
This mechanism allows sending only those files that are located in users' home directories.
You can also send signatures from the File manager. To do so, select one or several files and click the "Signature" button. Administrators can send files only in ISPmanager Lite.
The last way to send a file is from Virusdie scanning report. In the list of found threats, you need to select the file that was marked as malicious by mistake and click the "Signature" button.
Clicking Update will request statuses of the sent files and set actual statuses for requests.
The system sends the signatures to the Virusdie server. Team Virusdie change and create rules for finding and curing threads. Team Virusdie reserve the right to handle them as they want and ignore some of them. In that case, the signature status will change into "File ignored". If the file was processed and a new rule was created based on that file, the signature status will change into "Procedure completed".
Please note: you can delete the request that has just been processed.