https://github.com/discourse/discourse-antivirus

Scan your Discourse uploads.
https://github.com/discourse/discourse-antivirus

discourse-plugin

Last synced: 3 months ago
JSON representation

Scan your Discourse uploads.

• Host: GitHub
• URL: https://github.com/discourse/discourse-antivirus
• Owner: discourse
• License: mit
• Created: 2020-06-10T19:20:30.000Z (about 5 years ago)
• Default Branch: main
• Last Pushed: 2024-08-05T11:19:04.000Z (11 months ago)
• Last Synced: 2024-08-05T13:08:24.705Z (11 months ago)
• Topics: discourse-plugin
• Language: Ruby
• Homepage:
• Size: 348 KB
• Stars: 12
• Watchers: 22
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# discourse-antivirus

Scan your Discourse uploads using ClamAV.

## Using the plugin in production

To use this plugin in production, you must provide an SRV record that resolves to the hostnames/ports where ClamAV is running. See the `antivirus_srv_record` site setting.

## Using the plugin locally

To communicate with your local ClamAV server, add the `clamav_hostname` and `clamav_port` variables to your `discourse.conf` file.

## Background scans

The plugin will perform background scans regularly. We use the following cadence to scan files: 

- Scan an upload if we never scanned it before.

- Scan on every ClamAV database update until the upload is one week old.

- Re-scan occasionally but at ever-increasing intervals independently of definition updates

## Real-time Scanning

We scan uploads before they get uploaded to the store by listening to the `:before_upload_creation` event, and sending the file to the antivirus. 

We skip images by default, enable the `antivirus_live_scan_images` site setting if you want to real-time scan them.

## Testing the plugin

If you're looking for a file to upload and test the plugin yourself, take a look at the [EICAR test file](https://en.wikipedia.org/wiki/EICAR_test_file)