phpMussel - PHP-based anti-virus, anti-trojan, anti-malware solution

adwade

Well-known member
I've searched for any information on viruses/trojans on xenforo here and didn't turn much of anything up, especially on the server side. However, since I tripped across this PHP script I thought I would share it and learn some things from the more seasoned admins here if they care to discuss it. :)

What caught my eye about it was the "Ideal solution for forum systems in need of file upload protection" statement. Especially since Local File Inclusion attacks on websites, are often due to the website itself being used as the upload medium. :eek: This is all WAY above my head, but I just wondered if/how others proteceted their forums from malicious uploads.

Reference: phpMussel on sourceforge -and- phpMussel on GitHub

What is phpMussel?
An ideal solution for shared hosting environments, where it's often not possible to utilise or install conventional anti-virus protection solutions, phpMussel is a PHP script designed to detect trojans, viruses, malware and other threats within files uploaded to your system wherever the script is hooked, based on the signatures of ClamAV and others.
Features:
• Licensed as GNU General Public License version 2.0 (GPLv2).
• Easy to install, easy to customise, easy to use.
• Works for any system with PHP+PCRE installed, regardless of OS (PHP+PCRE required).
• Fully configurable based on your needs.
• Ideal solution for shared hosting services.
Ideal solution for forum systems in need of file upload protection.
• Does NOT require shell access.
• Does NOT require administrative privileges.
• CLI mode available (for now, just under Windows, very soon with other OS).
• Good, strong, stable support base.


*If this thread is posted in the wrong forum, moderators please feel free to move it to wherever it fits best.
 
I just wanted to report back, that I got PHP Mussel installed and running with XenForo some while ago.

My only issue was the Signature File phpMussel uses was being seen by ClamAV as a threat due to a gzbase64 syntax issue (more here), but that was quickly resolved. My current host uses ClamAV to do an automatic daily virus check of the entire site, but PHP Mussel allows me to keep undesirable files from even being uploaded. :D

Anyway, the only semi-bad news is 'if/when' a user attempts to upload a bad file it appears to hang the process at 0% w/o any explanation. Thus, their first logical step is to complain to me about such and then I know to screen that user very carefully going forward. (y)
 
Thanks for the suggestion. I've never written a Resource Manager Article, but I'll figure it out and do so over the next week or two and then report having done such back here.
 
Top Bottom