Photo by N Bandaru on Unsplash.
ClamAV is an antivirus software service which allows servers to scan for viruses. While it is notable for use in scanning for viruses on mail servers, we can also use it in our web applications to scan file uploads.
I’m doing some local development on a Drupal based site, which makes use of ClamAV through a contributed module to scan files uploaded to the site.
Having the module enabled but not having ClamAV on the system throws an error:
You could just uninstall the ClamAV module and work without it, but that introduces a potential gap in your test coverage—the behaviour of the site operates differently without the module installed, which could lead to issues that you don’t discover until later.
Prerequisites
- You know how to run Lando
- Your application is configured to scan file uploads e.g. in Drupal, the ClamAV module
Setting up your Landofile
In your Landofile (.lando.yml
), we will use the services section to modify the main application service—in our case labelled appserver
to install ClamAV:
# .lando.yml
# ...the rest of the YAML config sits above here
services:
appserver:
build_as_root:
- apt-get update -y
- apt-get install clamav clamav-daemon -y
- echo "TCPSocket 3310" >> /etc/clamav/clamd.conf
- freshclam
- update-rc.d clamav-daemon enable
run_as_root:
- service clamav-daemon start
This sets up the commands to run that installs ClamAV, sets up the ability to connect to the service on port 3310
, update the database definitions necessary to scan files, and then enable the ClamAV service.
Note here that we are using apt-get
to install the packages as the base container images that Lando uses are from Debian. You may need to adjust if your base distribution is different.
Once the changes are made, rebuild the service with lando rebuild
. This will relaunch your application, install ClamAV into your local container, and start it.
I can now load up my environment and confirm that ClamAV is successfully loaded, and that file uploads work:
Furthermore, we can use the EICAR test file to confirm that it does block viruses from being uploaded:
Possible future changes
I could set out these changes in a custom service, or alternatively use a prebuilt container for ClamAV. Of course, the current hosting environment assumes ClamAV running on localhost
on a TCP port so it’s not practical to modify it for that yet.
Hopefully this has been a useful guide in how to have ClamAV set up for your Drupal site. If you’re not running Drupal, hopefully you’ll find it useful if you’re integrating ClamAV for your own applications and infrastructure.
Top comments (0)