Mod_security2 and clamav to catch malicious files on upload
anti-virusclamavmod-securityupload
Is there a clear documentation to describe the solution?
It's very common and also necessary.
Best Answer
Maybe this blogpost is useful for you. It explains how to setup modsecurity2 with apache on debian BUT it is written in german. It should be understandable if you only read the "commands" which are in english anyway.
Update your sources.list
apt-get install libapache2-mod-security2
vi /etc/apache2/apache2.conf
Add the following:
<IfModule mod_security2.c>
# Basic configuration options
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off
# Handling of file uploads
# TODO Choose a folder private to Apache.
# SecUploadDir /opt/apache-frontend/tmp/
SecUploadKeepFiles Off
After you make changes to any configuration files used by Apache, and that includes php.ini, you need to have Apache reload the files. This is most often done using apachectl graceful but as you haven't told us what OS you're using that command may ormay not be correct for you.
Check to make sure the permissions are set so that clam can actually write to /mnt/clamav/clamav.log. You can use chmod to change the permissions of the file. It could also be that the the drive mounted is stated in /etc/fstab to be read-only.
Best Answer
Maybe this blogpost is useful for you. It explains how to setup modsecurity2 with apache on debian BUT it is written in german. It should be understandable if you only read the "commands" which are in english anyway.
vi /etc/apache2/apache2.conf
Add the following:
Restart apache /etc/init.d/apache2 restart