Today the new version 1.26.0 of the ISPProtect malware scanner was released. In this release there are some new features that make our scanner even better.

Speed and disk I/O

We've re-implemented the file search from scratch. This has enabled us to drastically reduce the number of accesses to the hard disk. If the directory to be scanned was searched recursively several times (for each scan level and the software version search individually), now only one run is performed and the result is cached.

In particular, the software version scan can perform up to 40% faster (depending on the speed of the HDD). Also users whose directory to be scanned contains a lot of files (several hundred thousand to millions) and users of our ISPProtect Web-Scans benefit significantly from the new engine.

Symbolic links

The handling of symbolic links has also been significantly improved in the new engine. This means that problems with the Typo3 scan and other version scans are a thing of the past.

Clean up

There is a new --cleanup option to delete old reports. By default, reports older than 7 days are removed. You can also specify a desired age in days, e.g. --cleanup=30 for all reports older than 30 days.

It makes sense to create a cron job for this task. For example, you can create a file "ispprotect_cleanup" in /etc/cron.d/ and make it run the clean-up with "10 0 * * * root /usr/local/ispprotect/ispp_scan --cleanup=30 --non-interactive" every night at 0:10am.

Supported web software (version scan)

With the new version we introduce support for PrestaShop version check.

Ramdisk usage

With the new --use-tmpfs option it is now possible to tell ISPProtect to use /dev/shm as the location for temporary files. For Debian and Ubuntu installations, this folder is mounted as a ramdisk and therefore offers significant speed advantages over the HDD when accessing the temporary scan files.

New scanner version (V1.26.0) reduces disk I/O