Anti-virus for Drupal sites

29th September 2010

This blog post is more than 6 years old, so the content may be out of date.

Anti-virus is a subject that's drummed into us continually, bombarded as we are by a constant barrage of infected emails, exploits, attacks on web-servers.

Your server may well be firewalled, patched, protected by strong passwords and all the rest, but many Drupal sites have an attack-vector left wide open: file uploads.

If your site allows users to upload files - including pictures (yes, even the avatar image may be vulnerable1) then you should ensure that uploaded files are verified virus-free.

Earlier this week, James Andres and I released the Drupal ClamAV module, which integrates with the free open-source anti-virus product ClamAV.

Adding this to your existing setup should be extremely quick and easy - sudo apt-get install clamav2 and drush dl clamav / drush en clamav (you are using drush, right?).

Whether you're running Drupal sites for your organisation or you work for an agency who builds and maintains sites for a client, this is worth having in your arsenal of modules-for-every-site.

1. A number of image libraries - including jpg libraries - have suffered vulnerabilities which were exploitable simply by viewing an infected image. Systems affected included most versions of Windows.

2. The ClamAV product runs under Windows, but I've not had a chance to setup and test the module in a Windows environment. Any feedback on running the module on a Windows setup is welcomed - please get in touch.

Blog tags:

Comments

Anonymous (not verified)

January 10, 2011 - 10:24am

im using a hosting company how can i use the clam av module or any antivirus

marcus

January 12, 2011 - 11:54am

It's theoretically possible to run ClamAV (in Daemon mode) on a separate server, and for the origin to push the file over HTTP to the separate server for testing. The ClamAV Drupal module doesn't support this yet, but that might be a future feature.

On the other hand, the easiest solution would be to change hosting providers to one that supplies ClamAV! (or run your own VPS).

Add new comment

More information about text formats

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.
  • You can enable syntax highlighting of source code with the following tags: <code>, <blockcode>, <apache>, <bash>, <c>, <cpp>, <drupal5>, <drupal6>, <java>, <javascript>, <php>, <python>, <ruby>. The supported tag styles are: <foo>, [foo]. PHP source code can also be enclosed in <?php ... ?> or <% ... %>.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.