ConfigServer eXploit Scanner (CXS) quarantines suspicious files by moving them to a quarantine directory. If this directory does not exist or has incorrect permissions, CXS cannot quarantine files and will log errors. This guide shows how to create and configure the CXS quarantine directory.
mkdir -p /home/cxsquarantine
chown root:root /home/cxsquarantine
chmod 700 /home/cxsquarantine01. Create the Quarantine Directory
mkdir -p /home/cxsquarantine
chown root:root /home/cxsquarantine
chmod 700 /home/cxsquarantine02. Configure CXS to Use It
Edit the CXS configuration file /etc/cxs/cxs.conf and set the quarantine path:
quar_dir = /home/cxsquarantineIf the directive is already present, verify the path matches the directory you created.
03. Verify
# Test CXS is working
cxs --test
# Check quarantine directory is accessible
ls -la /home/cxsquarantine/
# Review recent quarantine activity
ls -lt /home/cxsquarantine/ | head -20Quarantined files accumulate over time. Review and clean them periodically:
# See total size
du -sh /home/cxsquarantine/
# Remove files older than 90 days
find /home/cxsquarantine/ -type f -mtime +90 -deleteDo not set the quarantine directory to /tmp. On servers with /tmp mounted as a separate partition with limited space, quarantined files can fill it up and cause system-wide issues.
Need Help With CXS Configuration?
Contact our team for assistance with malware scanning and CXS setup.
Open a Support TicketQuick Recap
- Create:
mkdir -p /home/cxsquarantine - Own:
chown root:root,chmod 700 - Configure: set
quar_dirin/etc/cxs/cxs.conf - Verify:
cxs --test - Maintain: periodically clean old quarantined files
10,424 users found this article useful · Last updated March 2026 · Browse all Server Maintenance articles
