This section describes the Service section of the Settings page.
Service settings
If Kaspersky Scan Engine is initialized in HTTP mode, you can specify the following settings:
It can be either a UNIX socket, or an IP address and port.
This can be either an absolute or a relative path. A relative path is calculated relative to the kavhttpd binary file.
You must specify this setting if the HTTPS protocol is selected.
When you configure this parameter, you may see the following message in the table with service events of the Kaspersky Scan Engine dashboard: "Your private key has a low security level. Please check the permissions for the file <path>." In this case, you must configure access to the private key file so that only the root user and the user account under which the service is running can have the read permission.
This can be either an absolute or a relative path. A relative path is calculated relative to the kavhttpd binary file.
You must specify this setting if the HTTPS protocol is selected.
The range of possible values is from 1 to 10000.
The range of possible values is from 1 to 1000.
It is not recommended to use links as paths, due to security reasons. Use absolute paths instead.
Kaspersky Scan Engine does not add or remove objects in the directories specified in Locations where remote scanning is allowed. The HTTP client has to send objects to scan, then remove them after scanning.
Possible values:
This value allows you to scan files that are located inside this directory and all its subdirectories.
The directory must be located on the same computer as Kaspersky Scan Engine or on a remote hard disk mounted on that computer.
The path must start from the root directory of the computer that Kaspersky Scan Engine is installed on.
The kavhttpd service must have permissions to read files in the directory and its subdirectories.
Allows you to scan the specified file.
The file must be located on the same computer as Kaspersky Scan Engine or on a remote hard disk mounted on that computer.
The path must start from the root directory of the computer that Kaspersky Scan Engine is installed on.
The kavhttpd service must have permissions to read the file.
/
(forward slash)Allows you to scan all files.
Possible values:
*
This value allows any origin to access the kavhttpd service.
This setting is stored in the CORS
element of the HTTP mode configuration file.
If Kaspersky Scan Engine is initialized in ICAP mode, you can set the following settings:
The default value is req
.
Kaspersky Scan Engine includes the value from Request mode address in the URL, for example:
icap://icap-server.example.com:1344/req
Do not use the same value for Request mode address and Response mode address.
The default value is resp
.
Kaspersky Scan Engine includes the value from Response mode address in the URL, for example:
icap://icap-server.example.com:1344/resp
The range of possible values is from 1 to 10000.
The range of possible values is from 1 to 1000.
Possible settings for partial mode:
This is the maximum amount of RAM that can be allocated for a blocked URL's cache.
The range of possible values is from 1 to 100000.
The preset value is 5000.
The range of possible values is from 1 to 604800 (one week).
The preset value is 1800.
ICAP service will write this value to logs.
The preset value is X-Client-Username
.
ICAP service will write this value to logs.
The preset value is X-Client-IP
.
ICAP service will write this value to logs.
By default, the value of this setting is empty.
SIGUSR1
and SIGUSR2
signals.In the SIGUSR1 signal and SIGUSR2 signal drop-down lists, you can select the following actions for both signals:
It is assumed that the files in the database directory are already up to date and must be reloaded.
If the files are missing, the ICAP plugin will create them. This setting allows rotating the logs by using the logrotate utility in default mode or when the create directive is used.
For either mode you can specify the following settings under Maximum values:
The default value is 10
.
It is not recommended to specify a value greater than the number of TCP connections that your HTTP client can simultaneously maintain with Kaspersky Scan Engine.
The default value is 100
.
The default value is 8
.
The default value is 4
.
When you apply new service settings, Kaspersky Anti-Virus Engine restarts.
Page top