Introduction
Most anti-virus software causes a dramatic increase in disk IO and CPU Usage and Atlassian has recommended to limit virus scanning to certain directories
- https://confluence.atlassian.com/confkb/using-antivirus-software-with-confluence-on-windows-952060870.html
- https://confluence.atlassian.com/jirakb/anti-virus-in-jira-applications-398393384.html
However, some organisations still dictate that virus scanner must be enabled.
The Hidden Risk
Apart from the performance overheads, some virus scanners delete the infected attachments silently in the backend after the file has successfully uploaded.
The users will only realised that after clicking on the link to download the attachments to realise a broken link.
The system admins will spend precious time to trace the issue and try to retrieve the deleted files from the backup archives.
This lack of feedback causes a risk that files with important information are lost forever.
How the Attachment Checker helps
On-access Scanner is enabled
- The admin can update the Attachment Checker config to inform the app that there is an antivirus configured in the backend to scan for virus whenever files are being access.
- Whenever a file is uploaded, the Attachment Checker will ensure if the file has been uploaded successfully
- If the file is missing, it will post a comment to the Confluence page to inform the user so that appropriate action can be taken
On-access Scanner is disabled
- The admin can configure the Attachment Checker to execute a command line scan of the file
- Whenever a file is uploaded, the Attachment Checker will execute a scan using the configured path and options only on the file
- This reduces the amount of CPU load by only scanning once for each uploaded file
- If the attachment is infected, it will post a comment to the Confluence page to inform the user so that appropriate action can be taken