Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

inspectFile fix

Browse Source
This commit is contained in:
bunkerity 2020-06-06 21:01:28 +02:00
parent ccaaa8b57d
commit efcf937109
3 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -307,6 +307,7 @@ If set to yes, ClamAV will automatically remove the detected files.
## TODO ## TODO
- Default CSP - Default CSP
- Custom Dockerfile based on bunkerized-nginx - Custom Dockerfile based on bunkerized-nginx
- Auth basic
- Documentation - Documentation
- Custom TLS certificates - Custom TLS certificates
- HSTS preload, HPKP - HSTS preload, HPKP

4
confs/modsecurity-clamav.conf
View File

@ -1,2 +1,4 @@
SecUploadDir /tmp
SecUploadKeepFiles Off
SecRule FILES_TMPNAMES "@inspectFile /opt/scripts/clamav.sh" \ SecRule FILES_TMPNAMES "@inspectFile /opt/scripts/clamav.sh" \
"phase:2,t:none,block,msg:'Virus found in uploaded file',id:'399999'" "phase:2,t:none,deny,msg:'Virus found in uploaded file',id:'399999'"

4
scripts/clamav.sh
View File

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
output=$(clamscan -i --no-summary "$1" 2> /dev/null) output=$(clamscan -i --no-summary $1 2> /dev/null)
rm -f $1
if echo "$output" | grep -q ".* FOUND$" ; then if echo "$output" | grep -q ".* FOUND$" ; then
echo "0 clamscan: $output" echo "0 clamscan: $output"
else else