Anti-Virus integration

[Alpha1]

To identify viruses and trojans anti-virus software is a necessity. It would be very useful if XenForo would integrate with popular anti-virus for servers. Optimally it would work like this:

Attachments should be scanned on upload.
Rebuild caches would have a scanner function
Crons could have a scanner function.
Infected files get quarantined
Forum Content gets moderated states with a clear warning for staff why.
Setting to moderate or soft/hard delete content.
Moderators should be alerted about infected attachments. This allows them to quickly discover infected content.

 

[Fred.]

This has nothing to do with Xenforo. This has to be done server side. Just install clamav.
If someone is trying to upload a infected file on my server it's rejected or quarantined.

 

[Alpha1]

Server side scanning is only part of the process.
Antivirus including ClamAV will also identify infected files years after upload. Anti-Virus can only alert, delete or quarantine the files, but the latter 2 options leaves your board with content that has missing files. This needs to be cleaned up on the front end. And there may be an issue with malicious users uploading malware. In which case the members need to be reviewed and dealt with.

 

[Alpha1]

We are currently using bd attachments to store our attachment files on cheap Digital Ocean Spaces. It cannot run applications like anti-virus as there is no OS to install on. Its file hosting only. Anti-virus scanning needs to be done from application side.

 

[Chromaniac]

Just started using DO Spaces and enabled file attachments on my board and this was one of the first question that came to my mind. I have read tweets that claim that bigger cloud platforms like Azure and AWS has marketplace apps that can do this for you (scanning your object storage)... DO Spaces does not seem to have anything similar. I guess it's safer to stick to restricting support for images alone in my case

 

[Orit]

I'd like this too!!

 

[Suzanne O]

Mate, you're better off buying your own anti virus software and scanning your stuff there

 

[Mendalla]

Mate, you're better off buying your own anti virus software and scanning your stuff there

His point is not that XF should be doing the scanning, but that it should be able to work with the A-V software so things like attachments being picked up as infected or as malware themselves generate an alert to staff right in XF and deal with the issue in a way other than just breaking the post to which the attachment is linked. Seems to me like a huge ask but would definitely help on sites with lots of uploading.

 

[Forsaken]

Mate, you're better off buying your own anti virus software and scanning your stuff there

the point of the thread is to allow integration with server side anti-virus, for user-uploaded files, not for files he is personally downloading.

It's a rare use case where this would be needed, but having owned site that had a lot of zip/exe uploads in the past, this would have been an almost mandatory requirement.

 

[TPerry]

Mate, you're better off buying your own anti virus software and scanning your stuff there

The point isn't "scanning your own software". It's simply having existing server level software on a site (usually would require a VPS or dedicated server) like Clam-AV to scan any uploads to confirm that those uploads by OTHERS are free from infection, thereby somewhat assuring your users that anything they download from your site is not infected and has been scanned.
Not really different than how, by default, mailcow-dockerized installs Clam-AV during it's setup and is configured to scan the mail it processes for the users.
It's really not a bad idea, especially for sites that use XFRM.
It also comes into play because many times users may attach .ZIP/.EXE/.ARJ/.BAT/.CMD/.SCR files to a post... all of which could be infected and the extensions depend on what the admin has set up to allow as valid extensions.

 

[Suzanne O]

His point is not that XF should be doing the scanning, but that it should be able to work with the A-V software so things like attachments being picked up as infected or as malware themselves generate an alert to staff right in XF and deal with the issue in a way other than just breaking the post to which the attachment is linked. Seems to me like a huge ask but would definitely help on sites with lots of uploading.

Stop being lazy.
I have trend micro doing mine thanks.

 

[TPerry]

Stop being lazy

It's not "being lazy"... it's showing good stewardship for your users.
And in some niches, "patches" uploaded to either the XFRM or even in threads.... so being able to assure your users that they have been scanned gives them a better feeling of safety... of course, ANY user should always check out a downloaded file... but not all of them do.

 

[TPerry]

Why do you continue to engage this doof?

To give the alternative view. Maybe one day he'll actually see what everyone else is telling him.
Honestly, sometimes limited exposure to things results in a limited view. He's probably never had first hand exposure to virus scanning at the server level in a case like this. All he knows to associate is "his desktop AV software", never realizing that there is the ability to do upstream virus/malware/trojan scanning. Heck, my SonicWall does that at my house, albeit I have to pay a subscription for the professional level and I don't have to run software on any of my multitude of computers/servers in the house.. It makes it nice because I also bring computers in for friends and do work here, and I can segment them off from my normal network and still get access to the internet and have their inbound traffic be clean.