php-clamav-scan - A simple library for scanning files with ClamAV from PHP

Posted on06/07/2017 byBrian Carey

Welcome back to the KISS Blog!  Its been a while since we posted so I thought I'd bring to your attention a PHP library recently developed to fill a need that was not already out there and easy to find.  While working on an application we needed to scan user uploaded files to ensure they were not carrying any known viruses.  ClamAV being the standard choice for server side scanning such as this will be used for checking the files.  Now we just needed to interface with ClamAV from our CodeIgniter app.

Historically, the php-clamav module has been used for this.  However it does not currently support PHP 7.x.  Now that PHP 7.x has started to be used in production environments we don't want to build on anything that is not compatible with the new versions so decided against this module.  Some Google searches resulted in a few other options that either was not immediately compatible with CodeIgniter or required composer and all that jazz.  Anyone who knows us knows how we feel about pulling in piles of dependencies for simple tasks.

So off I went to create just what we needed, a simple library to scan files from PHP using ClamAV.  This class can be used both as a drop in CodeIgniter library or a standalone class in any PHP code.  The library is named php-clamav-scan and can be downloaded from our GitHub account: https://github.com/kissit/php-clamav-scan.

Requirements

The only dependency for using this class is the PHP Sockets module/extension needs to be installed.  This is either included in most installations already or available for easy installation via the system package managers.

Furthermore, Clamd must be configured with socket connections enabled.

Configure the Clamd Socket

First things first, this library currently only works if Clamd is installed on the same server as the PHP application and has its socket file enabled.  This is typically the default configuration for ClamAV.  Since this is all we needed at the time, we did not include functionality to connect to Clamd over the network though this can easily be added.  We're happy to do so if anyone needs this, just let us know here.

To enable (or change) the socket communications in clamd, simply edit your clamd.conf file to enable the LocalSocket option.  This is the default socket path the library uses by the way.  Be sure to restart clamd if changes are made.

# Path to a local socket file the daemon will listen on.
LocalSocket /var/run/clamav/clamd.sock

Using the class in standalone PHP

First, download the class to your desired location.  For example:

wget https://raw.githubusercontent.com/kissit/php-clamav-scan/master/Clamav.php

Then, require/include it as needed

require 'Clamav.php';

Then simply instantiate an instance of it.  If your socket path is different you can pass it in as an option.  The default socket path is /var/run/clamav/clamd.sock.

$clamav = new Clamav();
- OR -
$clamav = new Clamav(array('clamd_sock' => '/path/to/clamd.sock'));

Finally, run a scan of each file as needed.

if($clamav->scan("/path/to/file/to/scan.txt")) {
    echo "YAY, file is safe!";
} else {
    echo "BOO, file is a virus!";
}

Using the class as a CodeIgniter library

Anyone familiar with CodeIgniter knows that their structure has specific requirements for using custom libraries.  This class is CodeIgniter compatible!

First, download the class to your application/libraries directory.  For example:

$ wget -O application/libraries/ https://raw.githubusercontent.com/kissit/php-clamav-scan/master/Clamav.php

Load the library where desired.  If your socket path is different you can pass it in as an option.  The default socket path is /var/run/clamav/clamd.sock.

$this->load->library('clamav');
- OR -
$this->load->library('clamav', array('clamd_sock' => '/path/to/clamd.sock'));

Finally, run a scan of each file as needed.

if($this->clamav->scan("/path/to/file/to/scan.txt")) {
    echo "YAY, file is safe!";
} else {
    echo "BOO, file is a virus!";
}

Conclusion

In conclusion, I hope someone finds this library useful.  As mentioned above, if someone were to need to scan files against clamd over the network it would be simple to add and we'd be happy to do so if asked so please contact us with any questions or inquiries about this post.