#43 Antivirus Uploads with Clamby

Summary

Name: Antivirus Uploads with Clamby
Uploaded: 2020-07-05 00:00:22 UTC
Duration: 5 min 26 s
Description: Using ClamAV, scan files uploaded to your application for viruses. In the event of a virus learn how to gracefully handle the infected file and notify the user.

Using ClamAV, scan files uploaded to your application for viruses. In the event of a virus learn how to gracefully handle the infected file and notify the user.
rails security uploads 5:26

Mark as Watched Watch Later

8-21-2016 3

Previous (#42) Episode Next (#44)

Resources

Clamby Gem - https://github.com/kobaltz/clamby
Sample Virus - http://www.eicar.org/85-0-Download.html

(Be sure to disable your antivirus when downloading the file and testing your application)

Source - https://github.com/driftingruby/043-antivirus-uploads-with-clamby

Summary

# /usr/local/etc/clamav/clamd.conf
## Around Line 8
# Comment or remove the line below.
# Example

## Around Line 101
# TCP port address.
# Default: no
TCPSocket 3310

# Gemfile
gem 'clamby'

# config/initializers/clamby.rb
Clamby.configure({
  :check => false,
  :daemonize => true,
  :error_clamscan_missing => false,
  :error_file_missing => false,
  :error_file_virus => false
})

If you are raising an error on viruses found, you can rescue from the error in your

# application.rb
  rescue_from Exceptions::VirusDetected do |exception|
    redirect_to root_url, alert: "Virus found on uploaded file."
  end

# models/uploaded_file.rb
  mount_uploader :file, FileUploader
  validate :scan_for_viruses, :if => lambda { self.file_changed? }
  validates :file, presence: true
  private

  def scan_for_viruses
    path = self.file.path
    unless Clamby.safe?(path)
      File.delete(path)
      self.errors.add(:file, "Virus Found." )
    end
  end