Scan Attachments For Viruses
 

This extension came about after some discussion of my previous extension:

https://vborg.vbsupport.ru/showthread.php?t=100933

That extension automatically zips files. Some users were concerned that this may allow a malicous user to upload a virus/trojan since the extension allows any file to be added to the archive. If you currently allow zip files to be uploaded, then the risk is already present with or without my zip extension.

I decided to write up this product that will scan all files uploaded (including archives) for viruses.

REQUIREMENTS:

Linux/Unix Server. Although it may be possible to run this on a Windows server, I have not tested it, and am unsure if it will work on that enviroment.

This extension REQUIRES that you install F-Prot on your server. All you really need is the command line scanner for workstations. The install is simple and does not require any compilation (at least it did not for me). You download the archive to your server, and un-tar it to a directory that VB will have access to. This does NOT require root access as no system files are modified. F-Prot is free for personal use, but your requirements may require a purchase. Please read the F-Prot license agreement for more details.

Safe Mode must be off. PHP must have access to the system command.

INSTALLATION

Installation of the product is simple, just install the product file in the admincp and then go to VBulletin Options -> Virus Scanning. Enter the COMPLETE path to F-Prot. For example:

/home/yoursite.com/www/somefolder/f-prot/f-prot

Please note, the name f-prot must be at the end of the path. This is the FILE NAME not the directory name.

You can test to see if it working by creating an eicar file:

http://www.eicar.org/anti_virus_test_file.htm

And try attaching it to a thread. Note, if you create a txt file, it will recognize it unless it is in an archive. The scanner understands that as a text file it is not a threat. Rename it to a .exe file if you want to test the archive scanning abilities.

The product will scan files inside of .zip, .cab, .tar, .gz, .izh and .arj files.

IF you are going to use this in conjuction with my zip extension, uninstall the zip plugin first, install this product, then re-install the zip plugin, this way the virus scan will happen before the attachments are archived.

I will support this as I can. Before you post any requests for help, please check your phpinfo (see maintenence in admincp) and make sure safe mode is off before posting here. If safemode is on, there really is not much I can do for you.

Please Click INSTALL!

I will defiantly try this.

Thanks Jafo,
Mat

Looks great...I just looked at some of the f-prot documents and have completely confused myself. Guess I will not be installing at this time :(

There really isn't much you have to know about F-Prot, just un-tar the files and you are basically done. You should run the script that comes with it to update the virus sig files once in a while, but otherwise it is pretty straight forward.

good idea but why you don't have used a free antivirus for all requirements?

Nice. I'll try this out later.

Do you have a particular one in mind?

Clamd, ClamAV comes in a module on most Linux packages.

Its lovely, I will look at this later, this is the final version right? not a beta! *clicks install*

Yes, this is the release version, whether it is final or not, depends on if any features need to be added. :)