On Jul 3, 2018, at 10:37 AM, Benoit Panizzon <benoit.paniz...@imp.ch<mailto:benoit.paniz...@imp.ch>> wrote:
Sorry I was not following that discussion... Host: db.us.clamav.net<http://db.us.clamav.net/> User-Agent: ClamAV/0.99.4 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) Error 1003 Ray ID: 4349da2f33f4ae20 • 2018-07-03 13:55:52 UTC Direct IP access not allowed But this cought my attention... db.us.clamav.net<http://db.us.clamav.net/> is an alias for db.us.clamav.net.cdn.cloudflare.net. Cloudflare uses some kind of DDOS protection to detect if the visitor might be a 'malicious bot' or a 'human' with a 'propper' webbrowser. I fear, FreshClam does not pass the 'human' test. I would suggest to the ClamAV team to move away from Cloudflare. Such issues are bound to occur with CloudFlare. That feature is turned off for the mirror network. So, no, those issues will not occur. In fact, it was on, and yes, it was causing problems, which is why it's now off. However, the ~60TB of traffic we are passing on a 24 hour basis tells me that freshclam is working fine. You can't hit the cloudflare IPs directly, which is what that error says. -- Joel Esler Sr. Manager Open Source, Design, Web, and Education Talos Group http://www.talosintelligence.com
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
