Dealing with virus infected files in a file upload…
I am a undergraduate student and a open source enthusiast. I have been working on a web application and I stumbled upon a problem. I haven’t been able to find any good solutions to the problem yet. I’ve tried googling, but without successs
Here’s my problem:
I’m working on a open source web application which can be downloaded by anyone and hosted on his own webserver. Let me give an example, say wordpress blogging engine. One can download wordpress sourcecode from wordpress.org and host it on his own webserver. The webserver can be IIS running on Windows or apache running on linux. Using this application, end users can upload files (images, text, doc, videos etc) to the server using a upload option on the site.
I have to check the file to make sure that it is not infected with a virus.
If it were a dedicated webserver hosted in a single place, I would have used clamAV for linux or Norton for windows. But we’re talking about a web application that will be downloaded by users and hosted by them on their own servers – we do not know before hand whether it will be a linux machine or a windows machine.
The application is written in PHP. Are there any modules in PHP that I could add as a helper module in my application and use it to check uploaded files for malicious content ?
I’m a undergraduate student and have little or no exposure to web server security. I believe most of the people here are server administrators and I’d like to know how they handle security issues especially for files uploaded by users.
Looking forward to some enlightenment on this issue,
Source: