Virus scanning for file uploads with clamav/php

Download and install the following packages, in case your repository has those package just use the management tool to install.


# apt-get install clamav clamav-db clamd clamav-devel php-devel


# yum install php-devel
# wget
# wget
# wget
# wget
# rpm -Uvh clam*
# freshclam
# service clamd start

Configure php-clamav

Download php-clamav from from

# wget
# tar xvzf php-clamav_0.15.7.tar.gz
# cd php-clamav-0.15.7/
# phpize
#./configure –with-clamav
# make
# cp modules/ /usr/lib/php/modules/

Add the modules to php.ini if required.

Make sure the module is loaded

# php -i | grep -i clam

Incase you see the following error create a symlink to clamav path
LibClamAV Error: cl_load(): Can’t get status of /var/lib/clamav

# ln -s /var/clamav /var/lib/clamav

Test script
Get the testing virus file from and save it on a file (eg: /tmp/virus.txt)

Create a php script:
cat > check_virus.php

$file = ‘/tmp/testing.txt’;
$retcode = cl_scanfile($file, $virusname);
if ($retcode == CL_VIRUS) {
echo .”Virus found name : “.$virusname;
} else {
echo .cl_pretcode($retcode);

$ php check_virus.php
Virus found name : Eicar-Test-Signature


Upgrading php to 5.2 or 5.3 in Redhat EL 5

Unfortunately RHEL 5 does not have php.5.2 package, which is required by most of the applications including latest wordpress and drupal.

First thought of compiling php from source, but hard to keep it uptodate. So decided to make the life easier with EPEL/IUS repositories.

Remove all existing php related packages:

# rpm -e php php-mysql php-cli php-pdo php-common

Download and install the EPEL/IUS RPMs

# wget

# wget

incase if the list not working just browse and find the rpm.

Install the RPMs

# rpm -Uvh *-release-*.rpm

Now you can install php 5.2 or 5.3 like:

# yum install php52 php52-mysql



get rid of apache@localhost in received email headers

There is a good change that the foreign email servers will drop if the sender email headers are not properly formatted.
Anyway if you get apache@localhost in Received header (with postfix/apache/php), you can change the php.ini, sendmail_path program to use sendmail.postfix instead of sendmail binary.

like : sendmail_path = /usr/sbin/sendmail.postfix -t -i -f