i am not sure whether this is in the right section or not but i am building an file upload site and want to be able to scan the files on upload for viruses etc.. How would i be able to do this?

Any ideas to get me started?

Thanks

i am not sure whether this is in the right section or not but i am building an file upload site and want to be able to scan the files on upload for viruses etc.. How would i be able to do this?

Any ideas to get me started?

Thanks

• php
• javascript
• html
• ajax

• You first of all need a virus scanner to get started. – hakre Commented Dec 26, 2011 at 18:02
• Most likely you have to search for anti-virus solutions that allow for GUI-less access through an API. I guess they are rather expensive, if the even exist for general purchase without any special contracts. – Uwe Keim Commented Dec 26, 2011 at 18:03
• Maybe searching for Command Line Virus Scanner also gives you an idea on how to start. – Uwe Keim Commented Dec 26, 2011 at 18:04
• possible duplicate of PHP Upload file enhance security – hakre Commented Dec 26, 2011 at 18:08
• Probably this is something? : How To Automatically Scan Uploaded Files For Viruses With php-clamavlib – hakre Commented Dec 26, 2011 at 18:10

4 Answers 4

The clamav library has a PHP binding called php-clamav. You then can scan files for viruses from within your PHP code:

if ($_FILES['file']['size'] == 0 || !is_file($_FILES['file']['tmp_name']))
{
    throw new Exception('Please select a file for upload!');
} else {
    cl_setlimits(5, 1000, 200, 0, 10485760);
    if ($malware = cl_scanfile($_FILES['file']['tmp_name']))
        throw new Exception($malware.'(ClamAV version: '.clam_get_version(),')');
}
...

Another alternative is to install the Mod_Security web application firewall. It can be configured to scan all upload files for viruses using modsec-clamscan.

You could try something like the following using AVG:

Windows:

<?php
    exec("avgscanx.exe /SCAN=filename.ext/");
    $result = exec("echo %ERRORLEVEL%");
?>

Linux:

<?php
    exec("avgscan filename.ext -a -H -c");
    $result = exec("echo $?");
?>

Both platforms return the same error codes, allowing you to determine whether a scan was successful or not.

References:

• http://www.avg./ww-en/faq.num-4443
• http://www.avg./ww-en/faq.num-4441
• http://www.avg./ww-en/faq.num-1854
• http://www.avg./ww-en/faq.num-1759

It depends on your server configuration, but for example on linux, it's easy to install something like clam and access it through the mand line. You can use something like php's exec() to run it.

You could also use VirusTotals public API. You can read more about it here. There is some PHP code available here.

This way you get a lot of scanners, and you don't have to run AV locally. On the other hand you'll have to wait a while for the result.