ClamAVPlugin

ClamAVPlugin uses the clamav daemon to scan attachments for viruses before they are attached. This can be helpful, in case twiki is used as a catalog of software or if it is likely that users upload executables/scripts and other possible malicious data.

Configuration

The following variables can be set in lib/LocalSite.cfg:

If nothing set, ClamAVPlugin will default to /var/run/clamav/clamd.sock, which should be fine for most installations.

Note: $TWiki::cfg{Plugins}{ClamAVPlugin}{Port} and $TWiki::cfg{Plugins}{ClamAVPlugin}{Host} take precedence over $TWiki::cfg{Plugins}{ClamAVPlugin}{Socket}.

Example

Example config in lib/LocalSite.cfg:

$TWiki::cfg{Plugins}{ClamAVPlugin}{Host} = 'localhost';
# Non standard port. Standard clamd port is 3310
$TWiki::cfg{Plugins}{ClamAVPlugin}{Port} = '4456';

#$TWiki::cfg{Plugins}{ClamAVPlugin}{Socket} = '/var/run/clamav/clamd.cli';

Plugin Installation Instructions

Note: You do not need to install anything on the browser to use this plugin. The following instructions are for the administrator who installs the plugin on the TWiki server.

• Download the ZIP file from the Plugin web (see below)
• Unzip ClamAVPlugin.zip in your twiki installation directory. Content:

  File:	Description:
  data/TWiki/ClamAVPlugin.txt	Plugin topic
  data/TWiki/ClamAVPlugin.txt,v	Plugin topic repository
  lib/TWiki/Plugins/ClamAVPlugin.pm	Plugin Perl module

• Configure the Plugin:
  • TWiki 4.0 and up: Run the configure script to enable the Plugin
  • Change the Plugin settings as needed
• Test if the installation was successful:
  • Download eicar.com provided on this site and try to upload it to your site. If ClamAVPlugin is correctly installed, it will not be possible.

Todo

• Let user decide what to do if virus is found (delete, contain, what template to show etcetera)
• Log attempts of uploading a virus (maybe just in warndate.txt or on a seperated page).

Demo

• Goto http://twiki-devel.edgarklerks.nl/bin/view.pl/Main/VoorbeeldFileUploadPlugin
• Download eicar.com.txt from the attachments list.
• Upload eicar.com.txt to the page.
• If ClamAVPlugin is working correct (not guaranteed, it is my development server) you shouldn't be able to upload the file and redirected to an oops page.

Plugin Info

• Set SHORTDESCRIPTION = Scan files on virusses with ClamAV before attaching them to a page.

Plugin Author:	TWiki:Main.EdgarKlerks
Copyright:	© 2007, TWiki:Main.EdgarKlerks
License:	GPL (GNU General Public License)
Plugin Version:	11 May 2007 (V1.000)
Change History:
11 May 2007:	Fixed minor bug in configuration, made build script
11 May 2007:	Initial version
TWiki Dependency:	$TWiki::Plugins::VERSION 1.1
CPAN Dependencies:	ClamAV::Client
Other Dependencies:	ClamAV antivirus: see http://www.clamav.net
Perl Version:	5.8.8
Benchmarks:	GoodStyle 97%, FormattedSearch 100%, ClamAVPlugin 100%
Plugin Home:	http://TWiki.org/cgi-bin/view/Plugins/ClamAVPlugin
Feedback:	http://TWiki.org/cgi-bin/view/Plugins/ClamAVPluginDev
Appraisal:	http://TWiki.org/cgi-bin/view/Plugins/ClamAVPluginAppraisal

Related Topics: TWikiPlugins, DeveloperDocumentationCategory, AdminDocumentationCategory, TWikiPreferences

-- TWiki:Main.EdgarKlerks - 11 May 2007