Nextcloud Antivirus for Files

files_antivirus is an antivirus app for Nextcloud using ClamAV or Kaspersky.

Features

🐿️ When the user uploads a file, it's checked
☣️ Infected files will be deleted and a notification will be shown and/or sent via email
🔎 It runs a background job to scan all files
🦺 It will block all uploads if the file cannot be checked to ensure all files are getting scanned.

Requirements

One of

ClamAV as binaries on the Nextcloud server
ClamAV running in daemon mode
Kaspersky Scan Engine running in HTTP mode
Any virus scanner supporting ICAP (ClamAV and Kaspersky are tested, others should work)

Install

Documentation about installing ClamAV and this app can be found in our documentation.

ClamAV Details

This app can be configured to work with the executable or the daemon mode (recommended ❤️) of ClamAV. If this is used in daemon mode, it can connect through network or local file-socket. In daemon mode, it sends files to a remote/local server using the INSTREAM command.

Kaspersky HTTP Details

When running Kaspersky in HTTP mode the SessionTimeout will need to be set to a value higher than default, a value of 10 minutes (600000 millisecond) or higher is recommended to properly deal with larger uploads

ICAP (version 5.0 and later)

The app support the ICAP protocol which is a standard supported by various antivirus software products.

Some additional configuration is required depending on the antivirus software used:

ICAP service: The name of the service the antivirus software expects
ICAP virus response header: The name of the header the antivirus software send the details of the detected virus in

ClamAV ICAP

ICAP service: avscan
ICAP virus response header: X-Infection-Found

Kaspersky ICAP

ICAP service: req
ICAP virus response header: X-Virus-ID

Additionally, the Kaspersky scan engine needs some additional configuration:

"Allow204" should be enabled.
For version 2.0 and later, the virus response header needs to be configured

TLS Encryption

Using TLS encryption for the ICAP connection is supported, this requires the ICAP server to use a valid certificate. If the certificate isn't signed by a trusted certificate authority, you can import the certificate into Nextcloud's certificate bundle using

occ security:certificates:import /path/to/certificate

Name		Name	Last commit message	Last commit date
Latest commit History 1,367 Commits
.github		.github
.tx		.tx
LICENSES		LICENSES
appinfo		appinfo
css		css
img		img
js		js
l10n		l10n
lib		lib
screenshots		screenshots
templates		templates
tests		tests
.gitignore		.gitignore
.nextcloudignore		.nextcloudignore
.php-cs-fixer.dist.php		.php-cs-fixer.dist.php
.scrutinizer.yml		.scrutinizer.yml
AUTHORS.md		AUTHORS.md
CHANGELOG.md		CHANGELOG.md
LICENSE		LICENSE
README.md		README.md
REUSE.toml		REUSE.toml
composer.json		composer.json
composer.lock		composer.lock
krankerl.toml		krankerl.toml
psalm.xml		psalm.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Nextcloud Antivirus for Files

Features

Requirements

Install

ClamAV Details

Kaspersky HTTP Details

ICAP (version 5.0 and later)

ClamAV ICAP

Kaspersky ICAP

TLS Encryption

About

Releases 46

Packages

Contributors 59

Languages

License

nextcloud/files_antivirus

Folders and files

Latest commit

History

Repository files navigation

Nextcloud Antivirus for Files

Features

Requirements

Install

ClamAV Details

Kaspersky HTTP Details

ICAP (version 5.0 and later)

ClamAV ICAP

Kaspersky ICAP

TLS Encryption

About

Resources

License

Security policy

Stars

Watchers

Forks

Releases 46

Packages 0

Contributors 59

Languages

Packages