Except we purge the cache at time of file upload. Sent from my iPhone
> On Dec 11, 2020, at 10:53, Paul Kosinski via clamav-users > <clamav-users@lists.clamav.net> wrote: > > "The whole CVD filename is not versioned (always "daily.cvd") which is > why the CloudFlare caching issue may result in serving the previous > version." > > HTML filenames for Web pages are not versioned either. Does this mean > that CDNs like Cloudflare often serve up obsolete Web pages? If so, does > nobody notice (and complain)? > > A delay of an hour could have an adverse effect on online commerce, > especially during the busy holiday season. > > >> On Thu, 10 Dec 2020 18:34:36 +0000 >> "Micah Snyder \(micasnyd\) via clamav-users" <clamav-users@lists.clamav.net> >> wrote: >> >> Ged, Joel, Andrew, Paul: >> >> Ged wrote: >>> As I said earlier to the OP, I've never seen the problem that he's >>> complaining of and I'm beginning to suspect that he's right - that it's the >>> use of the `ScriptedUpdates no` option which is at the root of the problem. >>> >> >> This is correct -- there is no issue getting the latest patch when using >> scripted updates. The issue is when trying to download the whole CVD. The >> whole CVD filename is not versioned (always "daily.cvd") which is why the >> CloudFlare caching issue may result in serving the previous version. >> >> Andrew wrote: >>> Would it be sensible for freshclam to update the file when a newer version >>> is available, even if it is not the newest ? >>> ... >>> To be clearer, say I have version 26011, the DNS says 26013 is current but >>> the newest that freshclam can find on any configured mirror is 26012, it >>> might be better to update to 26012 than wait for 26013. >> >> It should already do this. If you have version 26011 and it says 26013, but >> only 26012 is available, it should get 26012. If that's not working -- let >> me know, we'd have a bug to fix. >> >> Joel wrote: >>> I think the way to fix this is, freshclam, if it receives an "I'm behind" >>> error from the PoP, to do a sleep for awhile and then try again. If the >>> second attempt still fails then give the error to the user. >> >> I want to be clear -- the message that was originally reported is not an >> error message. It's a verbose (a.k.a debug-level) message. If you're >> running freshclam relatively frequently, then this "wait a while and try >> again" thing is transparent to you. Disable the `Verbose` option in >> freshclam.conf and don't worry about it. >> >> -Micah >> >>> -----Original Message----- >>> From: clamav-users <clamav-users-boun...@lists.clamav.net> On Behalf Of >>> G.W. Haywood via clamav-users >>> Sent: Thursday, December 10, 2020 9:21 AM >>> To: Joel Esler (jesler) via clamav-users <clamav-users@lists.clamav.net> >>> Cc: G.W. Haywood <cla...@jubileegroup.co.uk> >>> Subject: Re: [clamav-users] local server takes time to update clamav db >>> >>> Hi there, >>> >>>> On Thu, 10 Dec 2020, Joel Esler (jesler) via clamav-users wrote: >>> >>>>>> I think the way to fix this is, freshclam, if it receives an "I'm >>>>>> behind" error from the PoP, to do a sleep for awhile and then try >>>>>> again. ... >>> >>> Maybe the workaround is simpler than that. >>> >>> The document at >>> >>> https://www.clamav.net/documents/private-local-mirrors >>> >>> tells the reader to set the 'ScriptedUpdates' option to 'no' for _both_ the >>> local >>> mirror _and_ that mirror's clients. >>> >>> I can understand the logic of setting the option to 'no' for clients of the >>> local >>> mirror, because a local mirror won't serve '.cdiff' files and if they ask >>> the local >>> mirror for such a file they'll get a 404. >>> >>> But the local mirror could grab the .cdiff files from the Cloudflare mirrors >>> using freshclam, just as does any client which does _not_ use a local >>> mirror, >>> no? >>> >>> What reason is there for not using 'ScriptedUpdates yes' on the mirror? >>> >>> As I said earlier to the OP, I've never seen the problem that he's >>> complaining >>> of and I'm beginning to suspect that he's right - that it's the use of the >>> >>> ScriptedUpdates no >>> >>> option which is at the root of the problem. (Well, that and the fact that >>> Cloudflare apparently isn't providing the service that Cisco has presumably >>> contracted it to provide - if all that's necessary in order for the >>> Cloudflare PoP >>> to update its copy of the .cvd file is for some random client to request a >>> download of it, then you'd expect that the OP's request would trigger that, >>> and apparently it doesn't). >>> >>> Most freshclam daemons will be configured to make just a few attempts per >>> day to update, and a failure will mean using outdated databases (on a server >>> which by definition is providing service to many clients) until at least >>> the time >>> of the next scheduled update. That and the "try again in an hour or two" >>> suggestion seem to fly in the face of the freshclam man page: >>> >>> --on-error-execute=COMMAND Execute COMMAND if error occurred. >>> Remember, that virus database freshness is the most important thing in >>> anti-virus system. ... >>> >>> I wonder if another workaround might be to use the 'DatabaseMirror' or >>> 'PrivateMirror' options in freshclam.conf to avoid Cloudflare issues. >>> >>> But the real fix must be in the hands of Cloudflare, or perhaps those of >>> Cloudflare's customers (making more fuss about something which, at first >>> sight, could very easily be remedied). >>> >>> -- >>> >>> 73, >>> Ged. > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
