Mailing List Archive

[clamav-users] Blocked by Cloudflare
Hi,

The company I work for uses ClamAV as antivirus solution across our server suite. We grab the virus database updates from our central update server daily.

As it happened, our IPs (we're using proxy servers to connect to freshclam database mirrors) are getting blocked by Cloudflare, preventing us from updating the databases locally.

Today I found out that all our proxy IPs are unable to connect, which left us in the dark and without an ability to update the local database repositories.

Could I be advised on how to request a permanent whitelist for our proxy IPs, so we can continue using ClamAV as our antivirus solution and be able to fetch the database updates without interruption?

Regards,

Bart Bania
IT Linux System Administrator - Linux - IT department
JD Sports Fashion plc<https://www.jdplc.com/>

This email is from JD Sports Fashion plc or one of its subsidiaries ("JD Sports Fashion Group"). The contents of this email and any attachments are confidential and are intended solely for the use of the intended recipient. The information in this email may not be used, copied or disclosed by any person other than the intended recipient. If you are not the intended recipient, please contact JD Sports Fashion plc at info@jdplc.com, quoting the name of the sender and delete the message from your system. E-mails sent to and from the JD Sports Fashion Group may be monitored and read for legitimate business purposes. Emails cannot be guaranteed to be secure or error-free, and you should protect your systems. The JD Sports Fashion Group does not accept any liability arising from interception, corruption, loss or destruction of this e-mail, or if it arrives late or incomplete or with viruses. JD Sports Fashion plc - Registered in England No. 1888425. Registered Office: Hollinsbrook Way, Pilsworth, Bury, Lancashire, BL9 8RR.
Re: [clamav-users] Blocked by Cloudflare [ In reply to ]
Hello ClamAV,

Thank you for your email. As a result of events documented in places here:
https://lists.clamav.net/pipermail/clamav-users/2021-March/010577.html
and
https://lists.clamav.net/pipermail/clamav-users/2021-March/010543.html

We’ve been forced to take emergency measures to protect the ClamAV environment.

Please Immediately switch to using Freshclam or https://github.com/micahsnyder/cvdupdate to update your AV definitions.

Sorry for the inconvenience, but we are currently in emergency mode and have to make several drastic changes over the last several days.

--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com | https://www.snort.org


On Mar 9, 2021, at 8:23 AM, Bart Bania <bart.bania@jdplc.com<mailto:bart.bania@jdplc.com>> wrote:

Hi,

The company I work for uses ClamAV as antivirus solution across our server suite. We grab the virus database updates from our central update server daily.

As it happened, our IPs (we're using proxy servers to connect to freshclam database mirrors) are getting blocked by Cloudflare, preventing us from updating the databases locally.

Today I found out that all our proxy IPs are unable to connect, which left us in the dark and without an ability to update the local database repositories.

Could I be advised on how to request a permanent whitelist for our proxy IPs, so we can continue using ClamAV as our antivirus solution and be able to fetch the database updates without interruption?

Regards,

Bart Bania
IT Linux System Administrator - Linux - IT department
JD Sports Fashion plc<https://www.jdplc.com/>

This email is from JD Sports Fashion plc or one of its subsidiaries ("JD Sports Fashion Group"). The contents of this email and any attachments are confidential and are intended solely for the use of the intended recipient. The information in this email may not be used, copied or disclosed by any person other than the intended recipient. If you are not the intended recipient, please contact JD Sports Fashion plc at info@jdplc.com<mailto:info@jdplc.com>, quoting the name of the sender and delete the message from your system. E-mails sent to and from the JD Sports Fashion Group may be monitored and read for legitimate business purposes. Emails cannot be guaranteed to be secure or error-free, and you should protect your systems. The JD Sports Fashion Group does not accept any liability arising from interception, corruption, loss or destruction of this e-mail, or if it arrives late or incomplete or with viruses. JD Sports Fashion plc - Registered in England No. 1888425. Registered Office: Hollinsbrook Way, Pilsworth, Bury, Lancashire, BL9 8RR.
_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml