6

I'd like to ask web2py and django users which tools/modules they use to scan user-uploaded files for malicious software, viruses, etc. Can you offer any recommendations, based on your personal experience? Thank you.

Lamps1829
  • 2,231
  • 3
  • 24
  • 32
  • I believe a lot of this has to do with filetypes. Restricting executable filetypes usually solves this for me - or on an even broader level - If it's an image upload field, simply restricting uploads to only image filetypes. Also OS level folder structure permissions are important in a production environment. – Hacking Life Jan 31 '13 at 19:53
  • Thanks, HL. However, I want to allow for a variety of file types (although no executables), and isn't it the case that binary files of all sorts have the potential to contain embedded malware? – Lamps1829 Feb 01 '13 at 17:34

2 Answers2

2

After further thought, and going back to different projects - here is my findings for you:

You can load Clamscan on your production server. It's UNIX-based, free, and is regularly updated. http://www.clamav.net/lang/en/

Clam scan is console based - so you can just use python to make the needed command line call whenever a user uploads a file. Quick and not resource intensive because you are just scanning one file - not your entire server.

Hacking Life
  • 3,335
  • 2
  • 19
  • 20
  • Thanks, HL. I'll consider it, but would still be glad to hear more options before settling on a solution. I've seen this variant of clamav: http://xael.org/norman/python/pyclamav/ , but it appears development on it stopped ages ago, so not sure what to make of that. – Lamps1829 Feb 01 '13 at 19:36
  • Sure, makes sense to me. You probably don't have to look for a python-specific solution if you are installing an antivirus system on the server's OS. Since you can run any command you need from your python framework – Hacking Life Feb 01 '13 at 19:38
2

I'm just at the same decision point myself. Found this django-antivirus project which looks like it was last updated in 2009?

This python clamd project looks much more up-to-date (Aug. 2014). It can scan a stream, which might be the way I'll go for scanning files as they are uploaded.

Chris McGinlay
  • 285
  • 2
  • 10