Virus scanning for file uploads with clamav/php

Download and install the following packages, in case your repository has those package just use the management tool to install.

Ubuntu/Debian/Mint

# apt-get install clamav clamav-db clamd clamav-devel php-devel

Redhat

# yum install php-devel
# wget http://pkgs.repoforge.org/clamav/clamav-0.97.7-1.el5.rf.i386.rpm
# wget http://pkgs.repoforge.org/clamav/clamav-db-0.97.7-1.el5.rf.i386.rpm
# wget http://pkgs.repoforge.org/clamav/clamd-0.97.7-1.el5.rf.i386.rpm
# wget http://pkgs.repoforge.org/clamav/clamav-devel-0.97.7-1.el5.rf.i386.rpm
# rpm -Uvh clam*
# freshclam
# service clamd start

Configure php-clamav

Download php-clamav from from sf.net

# wget http://downloads.sourceforge.net/project/php-clamav/0.15/php-clamav_0.15.7.tar.gz
# tar xvzf php-clamav_0.15.7.tar.gz
# cd php-clamav-0.15.7/
# phpize
#./configure –with-clamav
# make
# cp modules/clamav.so /usr/lib/php/modules/

Add the modules to php.ini if required.

extension=clamav.so

Make sure the module is loaded

# php -i | grep -i clam
clamav

Incase you see the following error create a symlink to clamav path
LibClamAV Error: cl_load(): Can’t get status of /var/lib/clamav

# ln -s /var/clamav /var/lib/clamav

Test script
Get the testing virus file from http://www.eicar.org/86-0-Intended-use.html and save it on a file (eg: /tmp/virus.txt)

Create a php script:
cat > check_virus.php

<?php
$file = ‘/tmp/testing.txt’;
$retcode = cl_scanfile($file, $virusname);
if ($retcode == CL_VIRUS) {
echo .”Virus found name : “.$virusname;
} else {
echo .cl_pretcode($retcode);
}
?>

$ php check_virus.php
Virus found name : Eicar-Test-Signature

./arun

  • Tim

    Thanks for this blog post this actually helped me solving an issue with php-clamav installation. ClamAV seem to work on command line but fails to load in PHP. You will get php_minfo_function erros in phpinfo() and warnings in the test script of php-clamav.

  • http://arunnsblog.com/ Arun N S

    Glad to hear that. Did you manage to get rid of the php error?