The ISPProtect malware scanner is now available as a Docker image. This alternate way to install and use ISPProtcet is currently in beta stage. Feel free to contact our support if you need help or encounter any issues.


  • Your server must have Docker installed.

Scan your server with ISPProtect using Docker

The ISPProtect Docker image is available on Docker Hub, so you can pull it directly by using the following command:

docker pull ispconfig/ispprotect:latest

The size of the image is currently about 270MB. The image is based on the Debian slim image.

Then, use the following command to scan your server. In this example, I will scan the /var/www folder of the system.

docker run -ti -v /var/www:/scan -v ./:/result ispconfig/ispprotect:latest --path=/scan --results-dir=/result --scan-key=TRIAL

It may take a bit until you can see the ISPProtect ASCII logo show up, as ISPProtect updates itself first in the container.

The ISPProtect docker run command in detail

The ISPProtect malware scanner must be able to share data with the host system in two ways. First, it must be able to access the files that shall be scanned. And second, it must be able to write the scan report so you can access it. This is achieved by sharing two folders (volumes) between the host system and the Docker container.

-v /var/www:/scan

This part of the command maps the /var/www folder of the host system to the folder /scan inside the Docker container. It allows ISPProtect to scan /var/www in conjunction with the program parameter --path=/scan. If you want to scan a different folder than var/www, just alter the path /var/www" in the command, not the --path command.

-v ./:/result

This part of the command maps the current folder (./) to the folder /result in the Docker container. It defines where ISPProtect will write the scan report to. If you want to have the scan report written to a different folder (let's say /home/tom/reports), then change the command like this:

-v /home/tom/reports:/result

The command line option --results-dir=/result should not be altered as it just tells ISPProtect where it can find the folder to exchange the report inside the Docker container.


This will do a trial run. To use your license key, replace the word "TRIAL" with your license key.

Advanced Options

You can use the other config options by appending them to the command. A complete list of options can be found in the documentation here:

You can also use the Docker container to display all command line options like this:

docker run -ti ispconfig/ispprotect:latest --help

The result will be:

Feel free to contact our support if you need help or encounter any issues.

Run ISPProtect Malware Scanner with Docker