From 74544adc318ee262e9e4ccb181559a64fd9ea222 Mon Sep 17 00:00:00 2001
From: cschantz <admin@server.local>
Date: Wed, 12 Nov 2025 18:41:45 -0500
Subject: [PATCH] Add warning and confirmation for full server scan
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Added safeguards for scanning entire filesystem from /:

1. Updated menu text (line 1127):
   - Changed from "Entire server (all docroots)"
   - To: "Entire server (scan from / - WARNING: may take several hours)"
   - Provides immediate visibility of scan duration

2. Added confirmation prompt (lines 1142-1157):
   - Shows yellow WARNING message
   - Lists what will be scanned (user dirs, system files, app files)
   - Warns about duration and resource usage
   - Requires explicit "yes" to proceed
   - Allows cancellation without starting scan

Benefits:
- Prevents accidental full server scans
- Sets proper expectations for scan duration
- User can choose to scan specific paths instead
- No surprise multi-hour scans

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 modules/security/malware-scanner.sh | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/modules/security/malware-scanner.sh b/modules/security/malware-scanner.sh
index 80fac77..999efa8 100755
--- a/modules/security/malware-scanner.sh
+++ b/modules/security/malware-scanner.sh
@@ -1124,7 +1124,7 @@ launch_standalone_scanner_menu() {
         esac
     else
         echo "Select scan scope:"
-        echo "  1. Entire server (all docroots)"
+        echo "  1. Entire server (scan from / - WARNING: may take several hours)"
         echo "  2. Specific user account"
         echo "  3. Specific domain"
         echo "  4. Custom path"
@@ -1139,10 +1139,21 @@ launch_standalone_scanner_menu() {
             scan_paths=("/")
             scan_description="full server scan"
 
-            if [ ${#scan_paths[@]} -eq 0 ]; then
-                echo -e "${RED}No scan paths found!${NC}"
+            echo ""
+            echo -e "${YELLOW}WARNING: Full server scan from /${NC}"
+            echo "This will scan the ENTIRE filesystem including:"
+            echo "  • All user directories"
+            echo "  • System files"
+            echo "  • Application files"
+            echo ""
+            echo "This scan may take several hours and use significant resources."
+            echo ""
+            read -p "Are you sure you want to proceed? (yes/no): " confirm_full_scan
+
+            if [ "$confirm_full_scan" != "yes" ]; then
+                echo "Cancelled."
                 read -p "Press Enter to continue..."
-                return 1
+                return 0
             fi
 
             echo ""