Hi Gabe,
You dont had any problems with on-access scanning and doing at same time
http-delivery for these files, or moving them around ?
I guess on-access scanning works by only scanning when there is a new
file or when an existing file is modified, not actually at read-access ?
Cristian
Hi Christian
Nothing special, it just runs as a daemon and is configured for
on-access scanning. Set up a whole bunch of directories to exclude (like
MySQL data directories), but just ensured that temp directories and php
session directories are included. Over the years it has quarantined
plenty of questionable uploads.
You'll have to buy a license for Sophos which can be a pain/expensive,
but I suspect ClamAV could work in just the same way, I just can't vouch
for it's effectiveness because I have not used it in production.
Cheers
Gabe
----- Original message -----
From: Cristian Bichis <cristi@xxxxxxxxx>
To: php-general@xxxxxxxxxxxxx
Subject: Re: AV scanning for file uploads
Date: Fri, 28 Mar 2014 12:39:04 +0200
Hi,
How do you use Sophos for your app ?
1. PHP extension (there is such extension ?) call on-demand ?
2. on demand from CLI (or suing shell_execute)
3. on-access scanning ?
Cristian
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
