Anti-virus for Drupal sites

This blog post is more than 6 years old, so the content may be out of date.

Anti-virus is a subject that's drummed into us continually, bombarded as we are by a constant barrage of infected emails, exploits and attacks on web servers.

Your server may well be firewalled, patched, protected by strong passwords and all the rest, but many Drupal sites have an attack-vector left wide open: file uploads.

If your site allows users to upload files - including pictures (yes, even the avatar image may be vulnerable [1]) - then you should ensure that uploaded files are verified virus-free.

Earlier this week, James Andres and I released the Drupal ClamAV module, which integrates with the free open-source anti-virus product ClamAV.

Adding this to your existing setup should be extremely quick and easy - sudo apt-get install clamav [2] and drush dl clamav / drush en clamav (you are using drush, right?).

Whether you're running Drupal sites for your organisation or you work for an agency who builds and maintains sites for a client, this is worth having in your arsenal of modules-for-every-site.


1. A number of image libraries - including jpg libraries - have suffered vulnerabilities which were exploitable simply by viewing an infected image. Systems affected included most versions of Windows.

2. The ClamAV product runs under Windows, but I've not had a chance to set up and test the module in a Windows environment. Any feedback on running the module on a Windows setup is welcomed - please get in touch.

Comments

I'm using a hosting company. How can I use the ClamAV module or any antivirus?

It's theoretically possible to run ClamAV (in Daemon mode) on a separate server, and for the origin to push the file over HTTP to the separate server for testing. The ClamAV Drupal module doesn't support this yet, but that might be a future feature.

On the other hand, the easiest solution would be to change hosting providers to one that supplies ClamAV! (or run your own VPS).
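
The reply above mentions running ClamAV in daemon mode on a separate server. As an added example (not part of the original post or of the Drupal ClamAV module), this Python client streams an upload to clamd with its native INSTREAM command and rejects the file unless the daemon explicitly answers OK. It assumes clamd's own TCP protocol rather than HTTP and a socket the caller has already connected; the function names are hypothetical.

```python
import socket
import struct

CHUNK = 8192  # bytes sent per INSTREAM chunk


class ScanError(Exception):
    """clamd gave no usable verdict; the caller should reject the upload."""


def parse_reply(reply: bytes):
    """Map a clamd reply to (clean, signature); anything unexpected raises."""
    text = reply.rstrip(b"\0\n").decode("ascii", "replace")
    if text == "stream: OK":
        return True, None
    if text.startswith("stream: ") and text.endswith(" FOUND"):
        return False, text[len("stream: "):-len(" FOUND")]
    raise ScanError(text or "empty reply")  # ERROR replies, dropped connections


def scan_stream(sock: socket.socket, data: bytes):
    """Send data to clamd over an already connected socket using zINSTREAM."""
    sock.sendall(b"zINSTREAM\0")
    for off in range(0, len(data), CHUNK):
        chunk = data[off:off + CHUNK]
        # Each chunk is prefixed with its length as a 4-byte big-endian integer.
        sock.sendall(struct.pack("!I", len(chunk)) + chunk)
    sock.sendall(struct.pack("!I", 0))  # zero-length chunk ends the stream
    reply = b""
    while not reply.endswith(b"\0"):  # "z" commands get NUL-terminated replies
        part = sock.recv(4096)
        if not part:
            break
        reply += part
    return parse_reply(reply)


def accept_upload(sock: socket.socket, data: bytes) -> bool:
    """Fail closed: only an explicit OK from the scanner lets the file through."""
    try:
        clean, _signature = scan_stream(sock, data)
    except (ScanError, OSError):
        return False
    return clean
```

clamd's TCP socket has no authentication or encryption, so it should only be reachable from the web server over a private or firewalled network.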
