Today the new version 1.26.0 of the ISPProtect malware scanner was released. In this release there are some new features that make our scanner even better.
Speed and disk I/O
We've re-implemented the file search from scratch. This has enabled us to drastically reduce the number of accesses to the hard disk. If the directory to be scanned was searched recursively several times (for each scan level and the software version search individually), now only one run is performed and the result is cached.
In particular, the software version scan can perform up to 40% faster (depending on the speed of the HDD). Also users whose directory to be scanned contains a lot of files (several hundred thousand to millions) and users of our ISPProtect Web-Scans benefit significantly from the new engine.
The handling of symbolic links has also been significantly improved in the new engine. This means that problems with the Typo3 scan and other version scans are a thing of the past.
There is a new --cleanup option to delete old reports. By default, reports older than 7 days are removed. You can also specify a desired age in days, e.g. --cleanup=30 for all reports older than 30 days.
It makes sense to create a cron job for this task. For example, you can create a file "ispprotect_cleanup" in /etc/cron.d/ and make it run the clean-up with "10 0 * * * root /usr/local/ispprotect/ispp_scan --cleanup=30 --non-interactive" every night at 0:10am.
Supported web software (version scan)
With the new version we introduce support for PrestaShop version check.
With the new --use-tmpfs option it is now possible to tell ISPProtect to use /dev/shm as the location for temporary files. For Debian and Ubuntu installations, this folder is mounted as a ramdisk and therefore offers significant speed advantages over the HDD when accessing the temporary scan files.
Marius Burkard has been working as a software developer for 20 years and has several years of experience as a server administrator. As one of the lead developers of the ISPConfig control panel and technical contact for several hundred web hosting customers, he has extensive experience with malware, hacked websites and the analysis of vulnerabilities.