cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

scanning uploaded documements for viruses in CF

Nick Way
Participant ,
Dec 04, 2008 Dec 04, 2008

Copy link to clipboard

Copied

hi guys

currently everytime a user uploads a document to our application it is emailed to one of our pc's in the office where we scan it for viruses and then (assuming it's ok) we then make an entry in the application's database to state that that user's document is ok so they can do stuff with it

bit of a long way round, so i'm hoping to implement something that is all based on the server

eg:

1 user uploads document to server
2 cf reads filename of document
3.cf then passes the filename/path to some antivirus tool installed on the server
4.this antivirus tool scans just that document
5.the antivirus tool then feedsback to cf
6.coldfusion takes necessary action:
-if document ok, mark as such in db
-if document bad, cf deletes it and warns user they may have a virus (and warns us they may be a hacker!)

i can do all of this easy peasy, except steps 3,4 and 5

does anyone have any advice for me?

my isp has Dr.Web® anti-virus for Windows installed on our server so it'd be good to use that if poss - anyone know how cf can talk to it?

if not does anyone have any other suggestions?

thanks very much in advance

kind regards

Nick
TOPICS
Advanced techniques

Views

374

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 2 Replies 2
latest latest Jump to latest reply
Newsgroup_User
LEGEND ,
Dec 04, 2008 Dec 04, 2008

Copy link to clipboard

Copied

> 3.cf then passes the filename/path to some antivirus tool installed on the
> server
> 4.this antivirus tool scans just that document
> 5.the antivirus tool then feedsback to cf

The easiest way to "pass the [file] to some antivirus tool installed on the
server" is to just let CF try to write the file to disk. Provided the AV
scanner is running real time, it'll pick up the attempt to write to disk
and block it if there's a problem. This will bubble up to CF as a "can't
write file" exception.

There's a "test virus" called eicar.com
( http://en.wikipedia.org/wiki/Eicar_test_file) which is harmless, but all
AV scanners are programmed to pick it up as a threat. You can use it to
test you upload code.

--
Adam

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Nick Way
Participant ,
Dec 05, 2008 Dec 05, 2008

Copy link to clipboard

Copied

LATEST
Thanks Adam

That sounds like a nice simple solution - thanks very much indeed, I really appreciate your reply - thank you.

Any more for any more?

Cheers

Nick

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Copyright © 2023 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices