september 09, 2021
At Valtech we run lots of AEM projects that require to scan uploaded assets for malware. Our AEM Virus Scan (AVS) tool greatly simplifies this task. It supports Clam AV scanner out-of-the-box and can be extended by custom scanning engines. It also provides a GUI to see last alerts and allows to run manual scans.
What are we talking about regarding virus scanning?
Virus scanning means scanning for malware such as viruses, worms, trojans, crypto miners etc. In AEM context there are multiple places where this makes sense:
- Assets that are uploaded by editors. Even images can contain malware and should be scanned before making them public.
- Uploads from end users via e.g. forms on the website. You want to prevent that someone uploads a virus that is then processed by further backend systems.
AMS already scans our servers – why should I use another new tool?
The scans by AMS are on file system level. This has some drawbacks. First, scans are not done instantly when a new asset is uploaded. Second, it will not prevent that malware is uploaded to your system. Third, if you have processes where end users upload data this might not help - the asset might be directly forwarded to another system without storing in CRX.
So how does it work?
Scanning of uploaded data
AVS provides a POST filter that can check all uploads to DAM area. Whenever some malware is detected, the upload will stop. This means that malware will not enter AEM at all which is a big benefit compared to scanners that check existing data only.
AVS can scan files on demand. Use the manual scan in the AVS tools menu for this. Here you can upload any file and check if malware is found. This can be used to double-check blocked file uploads.
You can see the last alerts in AVS’ history. It is accessible from the AVS tool menu. Scans that did not report any issues will not be listed here. The list contains the scan engine output and the user and path where the file was uploaded.
Integration in your custom code
You can call AVS’ service API to scan custom data. The data is provided as input stream, no need for it to be stored in AEM. Use the AvsService to access the scan methods.
Where can I get it?
You will find all the documentation on GitHub that also includes more advanced features like:
- Email notification
- Service API
- Health Checks
- Implementing a custom scan engine
We're planning some more enhancements in AVS such as scheduled scans. This will help you even more in your projects