Skip to main content
Information Security

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

4
  • 1) About point #2 authentication and anti-CSRF protection. how would I set this up? 2) What AV exists in Linux? I was even checking known commercial ones and they exist for Windows/Android or for companies and business accounts. Is there one you have in mind? Commented Jan 27, 2025 at 19:30
  • Authn options depend on what the server is doing, but assuming you don't have any login or account management stuff now, I'd tend to go with a simple Bearer token (which also provides CSRF protection), or with cookies (but you need some way to set them) or Basic auth (which is much less secure). You could also establish an authentication (login) process, of course. For anti-CSRF, there are tons of options; I favor requiring a custom header where possible, but even the samesite flag on an auth cookie would probably work here (except against other localhost websites, if you have any). Commented Jan 28, 2025 at 2:56
  • As for AV software, here's a random result from near the top of the results page for "linux antivirus" that links to and reviews four different commercial AVs (admittedly only some for personal use): security.org/antivirus/best/linux. There's also clamav.net and comodo.com/home/internet-security/antivirus-for-linux.php and... did you even search? Those are all first-page results. Commented Jan 28, 2025 at 3:03
  • I have heard of clamav but also have read is kind of dated. For bitdefender seems an option, I hadn't noticed that it is free for personal use. For comodo, I had doubts if it is legit. Why is it free? How do they gain any profit just by offering it free? I don't see any updade for professional (e.g. like in Avast) Commented Jan 28, 2025 at 19:03