Virus Scan

Note: Since Seafile Server 5.0.0, all config files are moved to the central conf folder. Read More.

In Seafile Professional Server 4.4.0 (or above), Seafile can scan uploaded files for malicious content in the background. When configured to run periodically, the scan process scans all existing libraries on the server. In each scan, the process only scans newly uploaded/updated files since the last scan. For each file, the process executes a user-specified virus scan command to check whether the file is a virus or not. Most anti-virus programs provide command line utility for Linux.

To enable this feature, add the following options to seafile.conf:

  1. [virus_scan]
  2. scan_command = (command for checking virus)
  3. virus_code = (command exit codes when file is virus)
  4. nonvirus_code = (command exit codes when file is not virus)
  5. scan_interval = (scanning interval, in unit of minutes, default to 60 minutes)

More details about the options:

  • On Linux/Unix, most virus scan commands returns specific exit codes for virus and non-virus. You should consult the manual of your anti-virus program for more information.

An example for ClamAV (http://www.clamav.net/) is provided below:

  1. [virus_scan]
  2. scan_command = clamscan
  3. virus_code = 1
  4. nonvirus_code = 0

To test whether your configuration works, you can trigger a scan manually:

  1. cd seafile-server-latest
  2. ./pro/pro.py virus_scan

If a virus was detected, you can see scan records and delete infected files on the Virus Scan page in the admin area.
virus-scan

INFO: If you directly use clamav command line tool to scan files, scanning files will takes a lot of time. If you want to speed it up, we recommend to run Clamav as a daemon. Please refer to Run ClamAV as a Daemon

When run Clamav as a daemon, the scan_command should be clamdscan in seafile.conf. An example for Clamav-daemon is provided below:

  1. [virus_scan]
  2. scan_command = clamdscan
  3. virus_code = 1
  4. nonvirus_code = 0

Since Pro edition 6.0.0, a few more options are added to provide finer grained control for virus scan.

  1. [virus_scan]
  2. ......
  3. scan_size_limit = (size limit for files to be scanned)
  4. scan_skip_ext = (a comma (',') separated list of file extensions to be ignored)
  5. threads = (number of concurrent threads for scan, one thread for one file, default to 4)

The file extensions should start with ‘.’. The extensions are case insensitive. By default, files with following extensions will be ignored:

  1. .bmp, .gif, .ico, .png, .jpg, .mp3, .mp4, .wav, .avi, .rmvb, .mkv

The list you provide will override default list.