File uploads, attachments, archives and other content imported through the pipeline or webdav can be scanned for viruses using ClamAV. This topic covers how to configure and use ClamAV antivirus protection.
Configure Antivirus Scanner
Check Uploads for Viruses
When Antivirus protection is enabled, files uploaded via webdav or included as file attachments will be scanned by the configured provider, such as ClamAV. The process is:
- The file is uploaded to a protected "quarantine" location.
- The registered antivirus provider is sent a request and scans the file.
- If the antivirus provider determines the file is bad, it is deleted from the quarantine location and the user is notified.
- If the antivirus scan is successful, meaning no virus is detected, the file is uploaded from the quarantine location to the LabKey file system.
When virus checking is enabled, it is transparent to the users uploading virus-free files.
If the antivirus provider determines that the file contains a virus, an alert will be shown to the user either directly as an error message similar to "Unable to save attachments: A virus detected in file: <filename>", or a popup message similar to this:
If a developer wishes to register and use a different virus checking service, they must do the following:
- Create a LabKey module. (See Modules: Java.)
- Create an implementation of org.labkey.api.premium.PremiumService.AntiVirusProvider.
- Register the implementation using PremiumService.get().registerAntiVirusProvider() when the module starts up.