I personally recommend Sophos, this has worked well in our production environment. Cheers Gabe ----- Original message ----- From: Cristian Bichis <cristi@xxxxxxxxx> To: php-general@xxxxxxxxxxxxx Subject: AV scanning for file uploads Date: Fri, 28 Mar 2014 12:27:15 +0200 Hi, I am interested what solutions do you guys are using for AV scanning of uploaded files (uploaded through PHP). For start I am analyzing Clamav options. Target OS is Linux / Debian. PHP version for the app is 5.4/5.5. 1. I made some tests for an app and it seems using php-clamav extension (http://php-clamav.sourceforge.net/) is a no go because of out of limit RAM/CPU usage and overall scan time. 2. Another solution is to use on-demand clamdscan which works much better as it uses clamd. However, it could be some issues I didnt tested yet: * if at same time with scanning there is a http request for that file what is happening * if at same time with scanning by PHP there is a move operation on that file I am not sure what is happening 3. I am reviewing as well on-access Clamuko. This is supposed to work properly within an uploads folder (where could be files moving in and out) ? Cristian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
