New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Forbidden; Blocked by CDN (17) #458
Comments
What version of ClamAV are you running? |
Just updated few days before. 0.103.5. We ran freshclam multiple times on
prompt to check something. After that it get blocked. Pls get released our
IP from cdn. Thanks very much
Muhammad Junaid
…On Tue, 8 Feb 2022 at 9:58 PM, Joel Esler ***@***.***> wrote:
What version of ClamAV are you running?
—
Reply to this email directly, view it on GitHub
<#458 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AHKN4TXSQ3MWH3AMX5GS3VLU2FDTNANCNFSM5NZ6ZFWA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
This shouldn't happen. If you run freshclam and you already have the latest databases it should not touch our servers and should not get you rate limited. The only exception I know of is if your clamav was built without support for DNS, which I've seen once before. @junaid27 How are you installing ClamAV? If you built clamav from source, can you share the Also, can you paste the output from |
@@@ If you built clamav from source, can you share the clamav-config.h file that can be found in the build directory? No. Not built from source. It was installed along with EFA (Email Filter based on mailscanner) @@@ Also, can you paste the output from clamconf -n as requested in the issue template? clamconf -n Config file: clamd.d/scan.confLogFile = "/var/log/clamd.scan" Config file: freshclam.confDatabaseMirror = "db.pk.clamav.net" mail/clamav-milter.conf not found Software settingsVersion: 0.103.5 Database informationDatabase directory: /var/lib/clamav Platform informationuname: Linux 3.10.0-1160.53.1.el7.x86_64 #1 SMP Fri Jan 14 13:59:45 UTC 2022 x86_64 Build informationGNU C: 4.8.5 20150623 (Red Hat 4.8.5-44) (4.8.5) |
Thanks @junaid27. Nothing stands out to me in the
I just installed eFa in a centos:7 Docker container. The provided clamav package seems to work as expected on my end. Can I trouble you to provide the output from I'll reach out to our Cloudflare admin on Monday to ask them to review the logs on their end if the |
@ Can I trouble you to provide the output from freshclam --verbose? Maybe that will provide some hints what is going on. freshclam --verbose
< HTTP/1.1 304 Not Modified
< HTTP/1.1 304 Not Modified
< HTTP/1.1 304 Not Modified
< HTTP/1.1 304 Not Modified
< HTTP/1.1 304 Not Modified
< HTTP/1.1 200 OK
< HTTP/1.1 304 Not Modified
< HTTP/1.1 304 Not Modified
< HTTP/1.1 403 Forbidden
|
Unfortunately cloudflare doesn't give us good data past >24h out. At least in the last 24-hours there's nothing showing that IP as being blocked. I see from your logs (above) that Freshclam was rate-limited at one time and that Freshclam is now waiting on a self-imposed 24-hour cooldown before it tries again. If the datetime was changed on that box after it was first rate-limited, then it could be that Freshclam is confused and will wait for a very long time, maybe? From what I can tell from your situation, you should not be rate limited -- provided that you are not trying to use some other tool to download the files from that IP, like curl or something. Please delete |
@junaid27 this ticket has been idle for a long time. Are you still having issues? May I close the issue? |
Hi, |
We are facing an issue since yesterday. We are being blocked by Clamav CDN because we ran freshclam more than once on same server yesterday in an hour. We were hopeful, that it will be resolved automatically today, but it didn't. Our server IP is 18.141.65.104. Please help and resolve. Regards.
The text was updated successfully, but these errors were encountered: