Trouble disabling Suspicious File Location scanning

Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
Post Reply
sneader
Junior Member
Posts: 83
Joined: 22 Mar 2007, 05:38

Trouble disabling Suspicious File Location scanning

Post by sneader »

Too many false positives with Suspicious File Location scanning, and if we whitelist/ignore them with regex, then it also stops virus scanning those locations, which is too dangerous... so... we are going to disable Suspicious File Location scanning, for now.

We have cxswatch configured as:

/usr/sbin/cxs --options mMOLfSGchexdnwDZR --Wstart --allusers --www --smtp -Q /home/quarantine --qoptions Mv --mail root --Wmaxchild 3 --Wloglevel 0 --Wsleep 3 --filemax 0 --Wrateignore 1800

However, after doing that, I still received the following email (about 6 hours after making the change and restarting cxswatch):

cxswatch Scanning /home/someuser/public_html/wp-content/uploads/backwpup-8ff5f-temp/backwpup-142695-folders.php:
# Suspicious file location for a script [application/x-php]:
'/home/someuser/public_html/wp-content/uploads/backwpup-8ff5f-temp/backwpup-142695-folders.php'

I do not have in my --options. What am I doing wrong?

- Scott

Post Reply