Anti-virus for Drupal sites
This blog post is more than 10 years old, so the content may be out of date.
Anti-virus is a subject that's drummed into us continually, bombarded as we are by a constant barrage of infected emails, exploits, attacks on web-servers.
Your server may well be firewalled, patched, protected by strong passwords and all the rest, but many Drupal sites have an attack-vector left wide open: file uploads.
If your site allows users to upload files - including pictures (yes, even the avatar image may be vulnerable1) then you should ensure that uploaded files are verified virus-free.
Earlier this week, James Andres and I released the Drupal ClamAV module, which integrates with the free open-source anti-virus product ClamAV.
Adding this to your existing setup should be extremely quick and easy - sudo apt-get install clamav2 and drush dl clamav / drush en clamav (you are using drush, right?).
Whether you're running Drupal sites for your organisation or you work for an agency who builds and maintains sites for a client, this is worth having in your arsenal of modules-for-every-site.
1. A number of image libraries - including jpg libraries - have suffered vulnerabilities which were exploitable simply by viewing an infected image. Systems affected included most versions of Windows.
2. The ClamAV product runs under Windows, but I've not had a chance to setup and test the module in a Windows environment. Any feedback on running the module on a Windows setup is welcomed - please get in touch.
Comments
Anonymous (not verified)
January 10, 2011 - 10:24am
Permalink
im using a hosting company how can i use the clam av module or any antivirus
marcus
January 12, 2011 - 11:54am
Permalink
It's theoretically possible to run ClamAV (in Daemon mode) on a separate server, and for the origin to push the file over HTTP to the separate server for testing. The ClamAV Drupal module doesn't support this yet, but that might be a future feature.
On the other hand, the easiest solution would be to change hosting providers to one that supplies ClamAV! (or run your own VPS).
Add new comment