Virus scanning for uploaded attachments


Introduction

Attachment Checker allows uploaded attachments to be scanned with an external anti-virus scanner.

When an attachment is uploaded, a request is sent to scan the file. The request is handled asynchronously so that users do not have to wait for the scan to complete, especially if the file is large.

This addresses the feature request raised in JRA-8626 (Virus scan attachments).

Only Confluence administrators can access the configuration page.

If the virus scanner is unknown, all non-zero exit codes are treated as infected. Refer to the list of compatible scanners for more info.

When an infection is detected or an error occurs during scanning, a comment will be added and the following actions may be taken:

Actions

Description

Delete file

  • The attachment version is deleted and replaced with a placeholder

  • The placeholder is commented so that users can identify it easily

Users may delete the placeholder version of the file.

Rationale on why a placeholder is used

While we can delete the infected attachment, we are unable to determine where the attachment is being used. It could be in a macro or a rendered image on another page in another space. Thus, we decided to put a placeholder in its place so that people can identify it easily. When a newer, uninfected version is uploaded, the content will render without requiring users to update the Confluence page content.

Email Confluence Sysadmin Group

  • Users in the configured Confluence Sysadmin Group will be notified by email

 

Comments

[Table of the comments added. Columns: Delete file enabled, Delete file disabled. Rows: If file is infected, Any other errors. The cell contents are not preserved.]

Emails

[Table of the emails sent. Columns: Delete file enabled, Delete file disabled. Rows: If file is infected, Any other errors. The cell contents are not preserved.]

 

Placeholder

This is what the placeholder looks like when a user previews the infected file:


How to set up the virus scanner

  1. Install a 3rd-party virus scanner. Please refer to the list of compatible scanners.

  2. Go to Attachment Checker Configuration > Virus Scanning tab.

  3. Enable the Virus Scanning toggle button.

  4. In the Scanner Path field, enter the full path to the command line scanner or to a script which calls the command line scanner.

  5. In the Additional Options field, enter the options if required.

 

Using command line scanner

Enter the full path to the command line scanner, for example:

Scanner Path: /usr/bin/clamscan
Additional Options: (none)

Scanner Path: c:\progra~1\window~1\MpCmdRun.exe
Additional Options: -Scan -ScanType -File

 

Using script

You can also create a script (e.g. scanner.cmd) which calls the command line scanner, for example:

    @echo off
    echo executing scan for %1
    c:\progra~1\window~1\MpCmdRun.exe -Scan -ScanType -File "%1"
    echo "returning errorLevel = " %ERRORLEVEL%
    EXIT /B %ERRORLEVEL%

The script above uses shorthand directory names. You can list the shorthand names with: dir /x
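A POSIX shell counterpart to scanner.cmd for the /usr/bin/clamscan path shown earlier, as an added example that is not part of the plugin's documentation. It assumes the file to scan is passed as the first argument (as %1 is in scanner.cmd); SCANNER and SCAN_LOG are hypothetical environment overrides, and the 0/1/2 exit codes are clamscan's clean/infected/error codes.

```sh
#!/bin/sh
# scanner.sh: added example, a POSIX counterpart to scanner.cmd for ClamAV.
# Assumptions: the file to scan arrives as the first argument (like %1 in
# scanner.cmd); SCANNER and SCAN_LOG are hypothetical overrides for this example.
SCANNER="${SCANNER:-/usr/bin/clamscan}"
SCAN_LOG="${SCAN_LOG:-/dev/null}"

# scan_file FILE
# Returns clamscan's exit codes: 0 = clean, 1 = infected, 2 = error.
# Every failure path returns non-zero so it can never be read as "clean".
scan_file() {
    file="$1"
    # A missing, unreadable or non-regular file is an error, not a clean result.
    if [ -z "$file" ] || [ ! -f "$file" ] || [ ! -r "$file" ]; then
        echo "scan error: not a readable file: $file" >>"$SCAN_LOG"
        return 2
    fi
    if [ ! -x "$SCANNER" ]; then
        echo "scan error: scanner not executable: $SCANNER" >>"$SCAN_LOG"
        return 2
    fi
    # A name starting with '-' would otherwise be parsed as a scanner option.
    case "$file" in
        -*) file="./$file" ;;
    esac
    "$SCANNER" --no-summary "$file" >>"$SCAN_LOG" 2>&1
    scan_rc=$?
    echo "scanned $file: exit code $scan_rc" >>"$SCAN_LOG"
    # Pass 0 and 1 through; collapse anything else (signals, 126, 127) to error.
    case "$scan_rc" in
        0|1) return "$scan_rc" ;;
        *)   return 2 ;;
    esac
}

# Entry point: when called with a file argument, exit with the scan result,
# mirroring EXIT /B %ERRORLEVEL% in scanner.cmd.
if [ "$#" -gt 0 ]; then
    scan_file "$1"
    exit $?
fi
```

Because the script only ever exits 0 for a completed clean scan, the "all non-zero codes are treated as infected" rule for unknown scanners cannot turn a scanner failure into a pass.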

 

Variables

The following variables can be used in the Additional Options:

Variable: ${attachment.id}
Description: The attachment id

Variable: ${attachment.creator.name}
Description: The attachment creator’s username. If the attachment is uploaded by an anonymous user, it will return Anonymous.