Sorry about the last post. I accidentally posted it twice. Admin can remove the duplicate.

Nuke,

I did look into Antimalware in my server and it seems I don't have the option to schedule scan.

Mine says Antimalware Gateway Antivirus and yours is Antivirus File Scanner. Are they two difference apps? Take a look at the pic.

Thanks,

Hi Nuke,

Thanks for your reply. It's interesting that you say unless you got a lot of email at once. Everyone's emails get spammed here, but there is one email account that gets way more spam than others all the time in HUNDREDS everyday. Maybe that's why Clam runs a lot causing high CPU usage.

I will take a look at Antimalware Scanner setting...

Thanks,

Hi Nuke,

Thanks for your reply. It's interesting that you say unless you got a lot of email at once. Everyone's emails get spammed here, but there is one email account that gets way more spam than others all the time in HUNDREDS everyday. Maybe that's why Clam runs a lot causing high CPU usage.

I will take a look at Antimalware Scanner setting...

Thanks,

How do you schedule when (date and time) clamscan runs?

Hi,

ClearOS - 2.5.2

Clamscan had always taken over the whole server bogging down the CPU (Clamd high CPU usage) and its performance while it scans the whole system. It didn't used to be this bad. However, lately Clamscan seems to be running a lot especially almost always EVERY MORNING around 8am to 10am holding the server HOSTAGE for hours; not being able to download emails or view the website.

But I did read that I can schedule when Clamscan runs (date and time). I would strongly prefer that clamscan runs at OFF-PEAK hours like weekends say every Saturday at 11PM.

Is there a way to schedule when Clamscan runs on ClearOS?

Can someone give me the command to be able to do that?

Thank you,

Hi Nick,

I thought I found the answer to my question, but it turns out I jumped the gun. $_SERVER["SERVER_NAME"] only returns our domain name not the domain name of the visitor's IP ADDRESS. Let me look at your suggestion and come back with more questions or thank you...

Hi Nick,

Well, in my internet research on this, I kept getting told that it is nearly IMPOSSIBLE to do this for each server ip address it could be pointing at more than one domain name; retrieving domain name for a server from its ip address. I understood the reason why. However, there is a PHP environmental element that you can request from the visitor's server that gives you the name (Domain Name) of the server if possible; $_SERVER["SERVER_NAME"].

To my surprise, it returned EXACTLY what I was looking for a domain for the server like www.example.com.

Just putting this out here just in case someone is looking for something similar solution or an answer.

Thank you for the reply Nick.

Is there away to do a reverse lookup (for domain name) knowing visitor's IP address if you can?

On my website, I have a page where my visitors can click on PHP links to download files. At the same time, my PHP also retrieves basic information from this download us PHP like the user IP address and sends an email to us all in the background.

So, my question is this. Is there away to retrieve my visitors' domain name using their IP address from which they are requesting information if it is possible? I am running ClearOS and PHP 5.4

I did read that you have to set up your webserver for this especially enabling hostnamelookup on inside httpd.conf

I simply want to $_SERVER["REMOTE_HOST"] for my visitor's domain name.

Any hints or clues will be greatly appreciated. Thanks.

Nick Howitt wrote:

Disabling the port in the Incoming Firewall only disables it to the External interfaces. It should still work on any LAN interfaces (but not HotLAN). Are you by any chance in Standalone with Firewall mode? If you are, closing the Incoming firewall would disable SSH access.

Yep... I am running ClearOS in Standalone with firewall mode. Also, you are right about SSH Access. Now, it looks like everything is working as it should. I believe this issue was brought up, because I cleared the log. There must've been one too many to begin with and Attack Detector app also was posting events at the same time event.db was cleared. Hopefully, this won't happen again.

Thanks,

Hi NIck,

I ran your commands. First, I enabled port 22 like you said and followed by other commands relating to clearsync. Now, it let me login to WebConfig, although it is still sort of sluggish.

Now, how do I disable port 22 using the same terminal command? Even though I enabled port 22 through terminal command, it wasn't reflected in the WebConfig under Firewall -> Incoming firewall. It still said port 22 disabled.

I want to put everything back to the way it was before.

Thank you for all the help, Nick.