Warden supports enabling third party anti-virus signatures to improve the detection rate. These signatures can block phishing, double attachments, macro malware, javascript malware, zero-day malware and even on zero-hour malware. Full documentation about each provider can be found below:
https://docs.danami.com/warden/settings/antivirus/signature-providers
- Navigate to Warden Anti-spam and Virus Protection -> Settings -> Anti-virus Settings -> Signature Providers
- We recommend enabling at least the SaneSecurity and URLhaus providers. If you want the very best protection and have the server memory then we also recommend enabling the SecuriteInfo provider. Additionally SecuriteInfo paid signatures are very reasonable and well worth it at only €29 per year for up to 10 servers. Paid plans can add the securiteinfo.mdb and securiteinfo0hour.hdb files from the SecuriteInfo provider files select list to download additional generic and 0-hour anti-virus signatures. Users can purchase the SecuriteInfo signatures here after creating an account, logging in, and pressing the subscribe button in the client area.
- Press the update button on the page then the restart button to restart the Anti-virus signature service. You can view the signature download logs under Warden Anti-spam and Virus Protection -> Logs -> Signature log.
- Once the new signatures have been downloaded to the /var/lib/clamav/ directory they will be loaded into ClamAV within the hour. You can press the Signature widget reload button on the dashboard or issue the command clamdscan --reload if you want to load them earlier.
