SInce I updated from 9.703 to 9.705 my Webserver protection is going nuts.
Hundreds of repeating entries like this:
httpd[4958]: [avscan:error] [pid 4958:tid 3951270768] [client 2.3.9.4:9418] [4958] virus daemon error found in request /_matrix/client/r0/rooms/!skENoWILkfnJIfZBKC:met/read_markers
httpd[4958]: [avscan:notice] [pid 4958:tid 3951270768] [client 2.3.9.4:9418] mod_avscan_input_filter: virus found or MIME type blocked
httpd[4958]: [proxy_http:error] [pid 4958:tid 3951270768] (13)Permission denied: [client 2.3.9.4:9418] AH01095: prefetch request body failed to 10.0.0.10:443 from 2.3.9.4 ()
Fallback log shows this:
[daemon:info] cssd[10105]: [0xf5a523e0] scan_file (saviscanner.c:400) One of the files in a split-virus data set could not be located [0x8004022d]
If I select dual scan engine, nothing works and all Web Servers serve 403 forbidden.
If I restrict Antivirus to "Upload only" and to single scan with Sophos engine, it somehow works most of the time, but I still get the log entries as above. For some Web services I had to switch off Antivirus completely to make it work.
Also lots of core dumps (mostly confd.plx) since I use the new version.
With version 9.703 everything worked perfectly.
What went wrong?
This thread was automatically locked due to age.
