Plesk Premium Antivirus is shipped with Plesk in the form of RPM
packages.
Directory Structure
Root directory: /opt/drweb/
Configuration files:
- /etc/drweb/ is a directory with various configuration files.
- /etc/drweb/drweb32.ini is the default configuration file for the drwebd engine.
- /etc/drweb/drweb_qmail.conf is the configuration file for the qmail-queue filter.
- /etc/drweb/users.conf stores the configuration for every mail name for which antivirus is enabled.
Virus databases: /var/drweb/bases/*vdb
Quarantine directory: /var/drweb/infected/
Log file: /var/drweb/log/drwebd.log
Managing the Antivirus
The Dr.Web service is a standalone drwebd daemon (also called engine),
which is started from the /etc/init.d/drwebd script. You can also stop
and start it again with the following commands:
# /etc/init.d/psa stopall
# /etc/init.d/psa start
Note: These commands also stop and start other Plesk services: DNS server,
mail server, and so on.
You can also manage it within the Services Management page in the
Server Administration Panel.
The interaction with drwebd is established through the Dr.Web client. It
can change antivirus parameters and start checking files. When run
without attributes, the client displays the full list of attributes it
accepts. It can also extract detailed operational information from the
engine. The following command gives information about the Dr.Web version
and virus database:
# /opt/drweb/drwebdc -sv -sb
By default, the virus databases are updated every 30 minutes by means of
the cron task: /opt/drweb/update/update.pl > /dev/null 2>&1
Filtering Mail
Dr.Web replaces the native qmail-queue filter, which transfers incoming
messages to the qmail queue, with its own utility. The utility’s
configuration settings are stored in the /etc/drweb/drweb_handler.conf
file.
Dr.Web filtering is activated at the mail name level. If enabled, it can
check incoming messages, outgoing messages, or both. The information is
stored in the /etc/drweb/users.conf file. The following is an example of
three mail names with different Dr.Web configurations:
# grep domain01 /etc/drweb/users.conf
allow any regex ^[email protected]$
allow to regex ^[email protected]$
allow from regex ^[email protected]$
In the above configuration, Dr.Web will check for viruses in:
- Incoming and outgoing messages for [email protected]
- Incoming messages for [email protected]
- Outgoing messages for [email protected]
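
The following Python script is an added example, not part of Plesk or Dr.Web. It parses users.conf rules of the form shown above and reports the directions in which each mail name is scanned, so mail names with no antivirus coverage stand out. It assumes every rule has the `allow <any|to|from> regex <pattern>` shape of the three lines above and that Python's `re` module approximates Dr.Web's regex dialect; the function names and sample addresses are constructed for illustration.

```python
import re

# Direction keywords as this page describes them (any = both directions).
DIRECTIONS = {"any": {"incoming", "outgoing"}, "to": {"incoming"}, "from": {"outgoing"}}
# Assumed rule shape, inferred from the three example lines on this page.
RULE = re.compile(r"^allow\s+(any|to|from)\s+regex\s+(\S+)$")


def parse_rules(text):
    """Return (rules, unparsed); rules holds (directions, compiled pattern)."""
    rules, unparsed = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = RULE.match(line)
        try:
            if m is None:
                raise ValueError("unrecognised directive")
            rules.append((DIRECTIONS[m.group(1)], re.compile(m.group(2))))
        except (ValueError, re.error):
            unparsed.append((lineno, line))  # kept for manual review
    return rules, unparsed


def coverage(rules, mail_names):
    """Map each mail name to the set of directions in which it is scanned."""
    result = {name: set() for name in mail_names}
    for directions, pattern in rules:
        for name in mail_names:
            if pattern.search(name):
                result[name] |= directions
    return result


# Constructed sample data (not taken from a real server).
SAMPLE = r"""
allow any regex ^alice@domain01\.example$
allow to regex ^bob@domain01\.example$
allow from regex ^carol@domain01\.example$
"""
MAILBOXES = ["alice@domain01.example", "bob@domain01.example",
             "carol@domain01.example", "dave@domain01.example"]

if __name__ == "__main__":
    rules, unparsed = parse_rules(SAMPLE)
    for name, scanned in coverage(rules, MAILBOXES).items():
        print(name, "->", ", ".join(sorted(scanned)) or "NOT SCANNED")
    print(f"{len(unparsed)} line(s) could not be interpreted")
```

On a real server, replace `SAMPLE` with the contents of /etc/drweb/users.conf and `MAILBOXES` with the list of mail names you expect to be protected.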