Virus scanning of uploaded attachments
Attachment Checker allows all attachments to be scanned with an external 3rd party anti-virus scanner after they are uploaded.
This addresses the following issues:
Feature request raised in CONFSERVER-4731 (Virus scan attachments)
When an attachment is uploaded, it is added into a queue for scanning, so that users do not have to wait for the scanning to complete, which may take some time especially for large files.
Admins can also configure the actions to be taken for infection vs error (e.g. permission or out of memory error):
Delete file
Email Confluence Sysadmin Group
For known virus scanners, infection vs error will be differentiated based on the virus scanner’s exit code.
For unknown virus scanners, any non-zero exit code is treated as an infection.
Let us know about your virus scanner via our Service Desk if it is unknown or if the wrong virus scanner is detected.
When an infection or error occurs, a comment will always be added to the page to inform users for follow up. An email will also be sent to the Confluence Sysadmin Group if configured.
If Delete file is checked, the attachment will be replaced with a default placeholder.
Virus scanning can be configured at Attachment Checker Configuration → Virus Scanning
Please refer to Additional steps for virus scanning set up for detailed instructions.