ClamAV - FORMCYCLE Wiki

This plugin can only be used with {{formcycle/}} version 7.0.13 or higher.

[[**Plugin download**>>https://customer.formcycle.eu/index.php/apps/files/?dir=/FORMCYCLE%20-%20Plugins%20Customer/fc-plugin-malware-scanner/ClamAV&fileid=40404]]

8

A TCP connection must be set up to use the ClamAV-daemon service to scan the uploaded files.

13

14

15

It is possible to use ClamAV to scan for malware in uploaded elements of the backend as well as of delivered forms. For this purpose, this plugin is required as an activated system plugin and a running ClamAV-daemon service that can be accessed via TCP.

16

17

After this plugin has been installed, it must be configured. The configuration consists of specifying which {{smallcaps}}host:port{{/smallcaps}} combination is to be used. Furthermore, the transfer can be done with a {{smallcaps}}InputStream{{/smallcaps}} or working straight on the path.

== Configuration ==

If no connection can be established to the specified host, this message is displayed.

23

24

25

The following configuration parameters exist:

26

27

; host (Required)

28

: Host name or IP address of the server running ClamAV-daemon. The standard port is {{smallcaps}}127.0.0.1{{/smallcaps}}, since ClamAV-daemon should be running on the same server as {{formcycle/}}.

29

; port (Required)

30

: The default port of ClamAV-daemon is {{smallcaps}}3310{{/smallcaps}}. If the port is different, it must be specified here.

31

; file-source

32

: By default, the element to be checked is transferred via Java's {{smallcaps}}InputStream{{/smallcaps}}. If the value {{smallcaps}}path{{/smallcaps}} is entered here, the path is used directly - whereby the ClamAV-daemon service must have root rights.

33

34

After saving, a ping test is automatically executed. If this fails, a corresponding message is displayed. In this case, all uploads in the backend or in the form are marked as faulty - the plugin should first be deactivated and a functioning connection established.

35

36

== ClamAV settings ==

37

38

The following section discusses important configuration steps of ClamAV-Daemon. Our recommended scenario is to install {{formcycle/}} and the ClamAV-Daemon service on the same server.

39

40

Since the actual virus scanning takes place separately from {{formcycle/}}, take care to keep the virus signature database up-to-date via {{smallcaps}}freshclam{{/smallcaps}}.

41

42

This plugin transmits the elements to be examined via TCP, which is deactivated by default in ClamAV-daemon. To enable it, the configuration file: {{smallcaps}}/etc/clamav/clamd.conf{{/smallcaps}} has to be edited.

43

44

The following parameters have to be added to the file:

45

46

; TCPAddr (Required)

47

: Shall be added and specified with the value {{smallcaps}}127.0.0.1{{/smallcaps}}.

48

; TCPSocket (Required)

49

: Shall be added and specified with the value {{smallcaps}}3310{{/smallcaps}} or different, if the port is occupied.

50

; User

51

: By default this is {{smallcaps}}clamav{{/smallcaps}} and has to be changed to {{smallcaps}}root{{/smallcaps}} to give root rights to the ClamAV-daemon service.

52

53

54

With the help of {{smallcaps}}netstat{{/smallcaps}} the TCP socket of the ClamAV-daemon service can be examined.

55

56

57

In order for this plugin to address the ClamAV-daemon service, the service has to be listening in the right place - in this case at {{smallcaps}}127.0.0.1:3310{{/smallcaps}}. This can be checked by the following command in the terminal:

58

59

60

sudo netstat -anp | grep -E "(clam)"

61

62

Wiki source code of ClamAV

Navigation

author	version	line-number	content
		1	{{info}}
		2	{{version major="7" minor="0" patch="13" showInfo="true"}}
		3	This plugin can only be used with {{formcycle/}} version 7.0.13 or higher.
		4	{{/version}}
		5	{{/info}}
		6
		7	[[Plugin download>>https://customer.formcycle.eu/index.php/apps/files/?dir=/FORMCYCLE%20-%20Plugins%20Customer/fc-plugin-malware-scanner/ClamAV&fileid=40404]]
		8
		9	{{content/}}
		10
		11	{{figure image="en_plugin.png" width="600"}}
		12	A TCP connection must be set up to use the ClamAV-daemon service to scan the uploaded files.
		13	{{/figure}}
		14
		15	It is possible to use ClamAV to scan for malware in uploaded elements of the backend as well as of delivered forms. For this purpose, this plugin is required as an activated system plugin and a running ClamAV-daemon service that can be accessed via TCP.
		16
		17	After this plugin has been installed, it must be configured. The configuration consists of specifying which {{smallcaps}}host:port{{/smallcaps}} combination is to be used. Furthermore, the transfer can be done with a {{smallcaps}}InputStream{{/smallcaps}} or working straight on the path.
		18
		19	== Configuration ==
		20
		21	{{figure image="en_error.png" width="400"}}
		22	If no connection can be established to the specified host, this message is displayed.
		23	{{/figure}}
		24
		25	The following configuration parameters exist:
		26
		27	; host (Required)
		28	: Host name or IP address of the server running ClamAV-daemon. The standard port is {{smallcaps}}127.0.0.1{{/smallcaps}}, since ClamAV-daemon should be running on the same server as {{formcycle/}}.
		29	; port (Required)
		30	: The default port of ClamAV-daemon is {{smallcaps}}3310{{/smallcaps}}. If the port is different, it must be specified here.
		31	; file-source
		32	: By default, the element to be checked is transferred via Java's {{smallcaps}}InputStream{{/smallcaps}}. If the value {{smallcaps}}path{{/smallcaps}} is entered here, the path is used directly - whereby the ClamAV-daemon service must have root rights.
		33
		34	After saving, a ping test is automatically executed. If this fails, a corresponding message is displayed. In this case, all uploads in the backend or in the form are marked as faulty - the plugin should first be deactivated and a functioning connection established.
		35
		36	== ClamAV settings ==
		37
		38	The following section discusses important configuration steps of ClamAV-Daemon. Our recommended scenario is to install {{formcycle/}} and the ClamAV-Daemon service on the same server.
		39
		40	Since the actual virus scanning takes place separately from {{formcycle/}}, take care to keep the virus signature database up-to-date via {{smallcaps}}freshclam{{/smallcaps}}.
		41
		42	This plugin transmits the elements to be examined via TCP, which is deactivated by default in ClamAV-daemon. To enable it, the configuration file: {{smallcaps}}/etc/clamav/clamd.conf{{/smallcaps}} has to be edited.
		43
		44	The following parameters have to be added to the file:
		45
		46	; TCPAddr (Required)
		47	: Shall be added and specified with the value {{smallcaps}}127.0.0.1{{/smallcaps}}.
		48	; TCPSocket (Required)
		49	: Shall be added and specified with the value {{smallcaps}}3310{{/smallcaps}} or different, if the port is occupied.
		50	; User
		51	: By default this is {{smallcaps}}clamav{{/smallcaps}} and has to be changed to {{smallcaps}}root{{/smallcaps}} to give root rights to the ClamAV-daemon service.
		52
		53	{{figure image="en_tcp_test.png"}}
		54	With the help of {{smallcaps}}netstat{{/smallcaps}} the TCP socket of the ClamAV-daemon service can be examined.
		55	{{/figure}}
		56
		57	In order for this plugin to address the ClamAV-daemon service, the service has to be listening in the right place - in this case at {{smallcaps}}127.0.0.1:3310{{/smallcaps}}. This can be checked by the following command in the terminal:
		58
		59	{{code language="shell"}}
		60	sudo netstat -anp \| grep -E "(clam)"
		61	{{/code}}
		62