Changes for page ClamAV

Summary

• Page properties (1 modified, 0 added, 0 removed)

Details

Page properties

Content

...	...	@@ -1,1 +1,57 @@
1		-ClamAV
	1	+[[**Plugin download**>>https://customer.formcycle.eu/index.php/apps/files/?dir=/FORMCYCLE%20-%20Plugins%20Customer/fc-plugin-malware-scanner/ClamAV&fileid=40404]]
	2	+
	3	+{{content/}}
	4	+
	5	+{{figure image="en_plugin.png" width="600"}}
	6	+ A TCP connection must be set up to use the ClamAV-daemon service to scan the uploaded files.
	7	+{{/figure}}
	8	+
	9	+It is possible to use ClamAV to scan for malware in uploaded elements of the backend as well as of delivered forms. For this purpose, this plugin is required as an activated system plugin and a running ClamAV-daemon service that can be accessed via TCP.
	10	+
	11	+After this plugin has been installed, it must be configured. The configuration consists of specifying which {{smallcaps}}host:port{{/smallcaps}} combination is to be used. Furthermore, the transfer can be done with a {{smallcaps}}InputStream{{/smallcaps}} or working straight on the path.
	12	+
	13	+== Configuration ==
	14	+
	15	+{{figure image="en_error.png" width="400"}}
	16	+ If no connection can be established to the specified host, this message is displayed.
	17	+{{/figure}}
	18	+
	19	+The following configuration parameters exist:
	20	+
	21	+; host (Required)
	22	+: Host name or IP address of the server running ClamAV-daemon, {{smallcaps}}127.0.0.1{{/smallcaps}} if the service is running on the same server as {{formcycle/}}.
	23	+; port
	24	+: The default port of ClamAV-daemon is {{smallcaps}}3310{{/smallcaps}}. If the port is different, it must be specified here.
	25	+; file-source
	26	+: By default, the element to be checked is transferred via Java's {{smallcaps}}InputStream{{/smallcaps}}. If the value {{smallcaps}}path{{/smallcaps}} is entered here, the path is used directly - whereby the ClamAV-daemon service must have root rights.
	27	+
	28	+After saving, a ping test is automatically executed. If this fails, a corresponding message is displayed. In this case, all uploads in the backend or in the form are marked as faulty - the plugin should first be deactivated and a functioning connection established.
	29	+
	30	+== ClamAV settings ==
	31	+
	32	+The following section describes important configuration steps of ClamAV-daemon. In this scenario, {{formcycle/}} is installed on a Debian based server and the ClamAV-daemon service is running on the same system.
	33	+
	34	+Since the actual virus scanning takes place separately from {{formcycle/}}, take care to keep the virus signature database up-to-date via {{smallcaps}}freshclam{{/smallcaps}}.
	35	+
	36	+This plugin transmits the elements to be examined via TCP, which is deactivated by default in ClamAV-daemon. To enable it, the configuration file under: {{smallcaps}}/etc/clamav/clamd.conf{{/smallcaps}}.
	37	+
	38	+Folgende Parameter müssen der Datei hinzugefügt werden:
	39	+
	40	+; TCPAddr (Erforderlich)
	41	+: Soll hinzugefügt und mit dem Wert {{smallcaps}}127.0.0.1{{/smallcaps}} angegeben werden.
	42	+; TCPSocket (Erforderlich)
	43	+: Soll hinzugefügt und mit dem Wert {{smallcaps}}3310{{/smallcaps}} angegeben werden oder abweichend, falls der Port anderweitig genutzt werden soll.
	44	+; User
	45	+: Ist standardmäßig {{smallcaps}}clamav{{/smallcaps}} und muss zu {{smallcaps}}root{{/smallcaps}} geändert werden um dem Clamav-Daemon Service root Rechte zu geben.
	46	+
	47	+{{figure image="en_tcp_test.png"}}
	48	+ Mithilfe von {{smallcaps}}netstat{{/smallcaps}} kann der TCP Socket vom Clamav-Daemon Service untersucht werden.
	49	+{{/figure}}
	50	+
	51	+Damit dieses Plugin den Clamav-Daemon Service ansprechen kann, muss der Service an der richtigen Stelle zuhören - in diesem Fall unter {{smallcaps}}127.0.0.1:3310{{/smallcaps}}. Das kann durch folgenden Befehl im Terminal überprüft werden:
	52	+
	53	+{{code language="shell"}}
	54	+sudo netstat -anp | grep -E "(clam)"
	55	+{{/code}}
	56	+
	57	+