All geek questions in one place

Free server-side protection / protection / trojan protection for downloading files?

I allow users to upload photos, such as photo albums, as well as attach files (documents at the moment) as email attachments. Therefore, I assume that I need an in-place antivirus / security tool to scan files first if people download infected materials. So, two questions: 1) Are there any “free” or open source tools for this that I can use or integrate into my environment: codeignitor php? 2) How to protect the boot area from the rest of the system? Say that the virus scanner cannot be infected and it loads, how to prevent infection of other files? How can the boot area be isolated with sand or something else and use this file path to access the content so that it does not spread to other parts of the system?

+3
source share
2 answers

There is clamav for a free antivirus scanner. Install it and you can do something like:

function virus_detected($filename)
{
        $clamscan = "/usr/local/bin/clamscan";
        $result = exec("$clamscan -i --no-summary $filename");
        return strlen($result)?true:false;
}

For security, make sure that temporary files are uploaded to a directory outside of your web root. Then you should check the file type, rename the file to another name of the original and add the corresponding extension (gif, jpg, bmp, png). I believe this should keep you safe besides exploits in php itself.

Additional information about checking file types in php check: http://www.php.net/manual/en/function.finfo-file.php

+2
source

, , , - , , PHP, , , , - , , phpMussel, PHP script, ClamAV, , Rohit ( ) ( PHP CMS ), . , , , , , , , , .

, , ClamScan , , , , -, - - Rohit, . , , PHP script, , , PHP , , , / - , , ), , , , - -, PHP ( PCRE, PHP ), .

, , , , (, , , ). - , , . , , , , - , . , , -, . , , ( EXE). , , , , , .

, , , , ; , - - , - , , PHP script , , base64_encode(), bin2hex() - .

+1

Source: https://habr.com/ru/post/1791028/

More articles:


All Articles