ClamAV

Plugin download

Content [ Hide ]

A TCP connection must be set up to use the ClamAV-daemon service to scan the uploaded files.

It is possible to use ClamAV to scan for malware in uploaded elements of the backend as well as of delivered forms. For this purpose, this plugin is required as an activated system plugin and a running ClamAV-daemon service that can be accessed via TCP.

After this plugin has been installed, it must be configured. The configuration consists of specifying which host:port combination is to be used. Furthermore, the transfer can be done with a InputStream or working straight on the path.

Configuration

If no connection can be established to the specified host, this message is displayed.

The following configuration parameters exist:

host (Required)
Host name or IP address of the server running ClamAV-daemon, 127.0.0.1 if the service is running on the same server as Xima® Formcycle.
port
The default port of ClamAV-daemon is 3310. If the port is different, it must be specified here.
file-source
By default, the element to be checked is transferred via Java's InputStream. If the value path is entered here, the path is used directly - whereby the ClamAV-daemon service must have root rights.

After saving, a ping test is automatically executed. If this fails, a corresponding message is displayed. In this case, all uploads in the backend or in the form are marked as faulty - the plugin should first be deactivated and a functioning connection established.

ClamAV settings

The following section describes important configuration steps of ClamAV-daemon. In this scenario, Xima® Formcycle is installed on a Debian based server and the ClamAV-daemon service is running on the same system.

Since the actual virus scanning takes place separately from Xima® Formcycle, take care to keep the virus signature database up-to-date via freshclam.

This plugin transmits the elements to be examined via TCP, which is deactivated by default in ClamAV-daemon. To enable it, the configuration file: /etc/clamav/clamd.conf has to be edited.

The following parameters have to be added to the file:

TCPAddr (Required)
Shall be added and specified with the value 127.0.0.1.
TCPSocket (Required)
Shall be added and specified with the value 3310 or different, if the port is occupied.
User
By default this is clamav and has to be changed to root to give root rights to the ClamAV-daemon service.

With the help of netstat the TCP socket of the ClamAV-daemon service can be examined.

In order for this plugin to address the ClamAV-daemon service, the service has to be listening in the right place - in this case at 127.0.0.1:3310. This can be checked by the following command in the terminal:

sudo netstat -anp | grep -E "(clam)"