Antivirus

The plugin allows ResourceSpace to check every file uploaded if it is a known virus. It can be configured to work with any antivirus which has a command line interface.

Antivirus plugin has been tested with ClamAV and Sophos.

When setting up the antivirus plugin, make sure to use the CLI options that will only print infected files and no other summary. Example (ClamAV): "-i --no-summary".

The path and the CLI options MUST be configured in config.php (by system administrators). Example:

Sophos

$antivirus_path = '/opt/sophos-av/bin/savscan';
$antivirus_silent_options = '-SS';

For ClamAV

$antivirus_path = '/usr/bin/clamscan';
$antivirus_silent_options = '--suppress-ok-results -o --no-summary';

Testing the plugin

To test the plugin, we have used the EICAR Standard Anti-Virus Test File. To create the EICAR file, create a new text file and paste the following:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Important

If you have more than one antivirus on your server, especially one of them having the on-access scanning feature, this will pick up an unsafe file faster than ResourceSpace and will cause issues for the plugin. This was seen with Sophos, so to temporarily disable this feature, run:

/opt/sophos-av/bin/savdctl disable