20

I am looking to see how I can go about checking if an uploaded file has a virus or not via PHP. What options exist, pros and cons of each, etc.

halfer
  • 19,824
  • 17
  • 99
  • 186
Carl
  • 219
  • 1
  • 2
  • 4
  • Just avoid unwanted extensions in file upload. check how to restrict file extensions http://stackoverflow.com/questions/10456113/php-check-file-extension-in-upload-form – Allahbakash.G Oct 22 '14 at 07:15
  • 8
    Avoiding unwanted extensions won't avoid viruses. – Daniel Sep 15 '16 at 15:35

2 Answers2

27

ClamAV is a free anti virus commonly used on server applications.

php-clamav is an extension for binding ClamAV to PHP. You can check their documentation.

I've found a tutorial on how to use clamav as a Zend Framework Validator which already includes instructions on how to verify upload files. The tutorial should also help you on using it on another frameworks or architectures.

You can also call clamav by its command line interface with clamscan. This requires clamav to be installed but not the PHP extension. In the PHP side, you can shell_exec('clamscan myuploadedfile.zip'); then parse the output. Lines ending with OK are safe files, lines ending with FOUND are malicious files.

alganet
  • 2,527
  • 13
  • 24
8

You can use VirusTotal.com, they have an API which you can use to upload files and they will scan them using multiple virus scanners.

https://www.virustotal.com/

Anders
  • 8,307
  • 9
  • 56
  • 88
Jeroen
  • 13,056
  • 4
  • 42
  • 63
  • Very good since you may use an API for scanning your file-URL. But its public version is limited to at most 4 requests of any nature in a given 1 minute time frame. – Daniel Sep 15 '16 at 15:41
  • 5
    I know this answer was written a while ago but I am going to point it out just in case. It should be noted that virustotal stores the files submitted for further analysis, meaning that it is unwise to use VirusTotal in case you expect to get confidential files, which you don't want others to see. – vakus Apr 28 '18 at 09:34