Virus protection for a Forum Site

Forum Moderators: phranque

Message Too Old, No Replies

Virus protection for a Forum Site

matthewamzn

8:07 pm on Mar 21, 2006 (gmt 0)

I have a forum on my website. It uses a mysql database. It's on my dedicated server. Members upload photos and sometimes short videos. I'm concerned about viruses. What's a good solution?

My Server Specs
Celeron 2.4, 512MB RAM, 1x 80gig IDE
Linux Fedora Core 2
Plesk 7.5

webdoctor

9:00 am on Mar 22, 2006 (gmt 0)

You could set up antivirus software e.g. ClamAV and configure things so that any uploaded files are scanned before they are displayed on your site.

Do you store uploaded images and videos as BLOBs in MySQL or as regular files somewhere?

matthewamzn

12:05 pm on Mar 22, 2006 (gmt 0)

Some are stored in mysql and some as regular files. What's more secure?

webdoctor

12:41 pm on Mar 22, 2006 (gmt 0)

I was just thinking that your average virus scanner isn't going to struggle to scan BLOBs within a SQL database. ... and if it DID find a virus, it might just quarantine/delete the entire database. Not what you want ;-)

As part of the upload process, you could write the file out to a temporary directory of your choosing, then run the virus scanner against it (command-line mode), check the returncode, and then if the file is clean either move it to its proper location or insert it as a BLOB.