Add AV Scan to File Upload Site

Question

i am not sure whether this is in the right section or not but i am building an file upload site and want to be able to scan the files on upload for viruses etc.. How would i be able to do this?

Any ideas to get me started?

Thanks

Answer 1

You could also use VirusTotals public API. You can read more about it here. There is some PHP code available here.

This way you get a lot of scanners, and you don't have to run AV locally. On the other hand you'll have to wait a while for the result.

Answer 2

You could try something like the following using AVG:

Windows:

<?php
    exec("avgscanx.exe /SCAN=filename.ext/");
    $result = exec("echo %ERRORLEVEL%");
?>

Linux:

<?php
    exec("avgscan filename.ext -a -H -c");
    $result = exec("echo $?");
?>

Both platforms return the same error codes, allowing you to determine whether a scan was successful or not.

References:

• http://www.avg.com/ww-en/faq.num-4443
• http://www.avg.com/ww-en/faq.num-4441
• http://www.avg.com/ww-en/faq.num-1854
• http://www.avg.com/ww-en/faq.num-1759

Answer 3

The clamav library has a PHP binding called php-clamav. You then can scan files for viruses from within your PHP code:

if ($_FILES['file']['size'] == 0 || !is_file($_FILES['file']['tmp_name']))
{
    throw new Exception('Please select a file for upload!');
} else {
    cl_setlimits(5, 1000, 200, 0, 10485760);
    if ($malware = cl_scanfile($_FILES['file']['tmp_name']))
        throw new Exception($malware.'(ClamAV version: '.clam_get_version(),')');
}
...

Another alternative is to install the Mod_Security web application firewall. It can be configured to scan all upload files for viruses using modsec-clamscan.

Answer 4

It depends on your server configuration, but for example on linux, it's easy to install something like clam and access it through the command line. You can use something like php's exec() to run it.