May 20, 2012 4:46 PM [email protected] (Josh) wrote: >writing a PmWiki cookbook recipe, that submits uploaded files to an online >virus >scanner.
Would this be a relatively simple challenge that somebody who knows what they are doing could dash off in a couple of hours? Maybe we could make a game of it: who could be the first to come up with a simple, functional recipe. It might be a welcome addition to PmWiki. Al -----Original Message----- >From: [email protected] >Sent: May 20, 2012 4:46 PM >To: Al Louis Ripskis <[email protected]> >Cc: PmWiki Users <[email protected]> >Subject: Re: [pmwiki-users] Anti-virus scanning & PmWiki > >Antivirus scanning is something you really don’t want a php script to perform. >You would face script timeouts, slow performance, memory issues, etc. So >unless you want to prepackage PmWiki with a server OS bundle and throw in >apache, clamav, php-clamav, etc, it is not doable. There are far to many >different web server and operating system configurations. > >Unless it would be done without involving the local filesystem, e. g. writing >a PmWiki cookbook recipe, that submits uploaded files to an online virus >scanner. You would still have to deal with various timeout and timing issues, >but this is actually something that could work. Given the amount of feedback >to this thread, it’s probably not very high up on the priority list though. > >Josh > > >On May/20, 2012, at 1937 , Al Louis Ripskis wrote: > >> May 19, 2012 4:22 PM [email protected] wrote: >> For all those interested in FOSS-based approaches to virus scanning for web >> app servers, this is an article I found while researching whether there was >> an easy solution to Al’s request: >>> <http://www.techspot.co.in/2009/03/file-upload-and-virus-scanners.html> >> >> The take home message that I got from examining the above site, et al. is >> keep it simple: that it can be a "nightmare" and very expensive if one gets >> into meta scanning and collaborative antivirus programs. Instead use one >> program, such as AVG, and integrate it into PmWiki. The question is, is it >> doable architecturally? >> Al >> >> -----Original Message----- >>> From: [email protected] >>> Sent: May 19, 2012 4:22 PM >>> To: tamouse mailing lists <[email protected]> >>> Cc: PmWiki Users <[email protected]> >>> Subject: Re: [pmwiki-users] Solved: How do you creating one, wiki-wide, >>> Upload Directory on Local Site, not remote site? >>> >>> For all those interested in FOSS-based approaches to virus scanning for web >>> app servers, this is an article I found while researching whether there was >>> an easy solution to Al’s request: >>> <http://www.techspot.co.in/2009/03/file-upload-and-virus-scanners.html> >>> >>> >>> On May/19, 2012, at 0019 , tamouse mailing lists wrote: >>> >>>> Hi, Al, >>>> >>>> This can be automated, but it's not exactly a one or two-line script. >>>> I think others and myself discussed this a bit in your last thread >>>> about virus checking. If you aren't up for writing it yourself, >>>> perhaps you might engage the services of someone who can do it for >>>> you. >>>> >>>> On Fri, May 18, 2012 at 3:46 PM, Al Louis Ripskis <[email protected]> >>>> wrote: >>>>> Many thanks to Josh, Gilles, Tamouse and JDD for helping me resolve this >>>>> conundrum. >>>>> Since PmWiki architecture apparently doesn't permit to automate this >>>>> process, here is how I'm dealing with it: >>>>> I manually (via FileZilla) transfer all the files From the PmWiki-wide >>>>> uploads directory to my local C:\public_html\UnTestedUploads directory, >>>>> where I can use my AVG anti-virus program to check out and delete the >>>>> infected files, then process the uninfected files as necessary. >>>>> It would be nice to be able to do this automatically, but c'est la vie! >>>>> Thanks to all, >>>>> Al >>>>> >>>>> -----Original Message----- >>>>>> From: [email protected] >>>>>> Sent: May 17, 2012 3:21 PM >>>>>> To: Al Louis Ripskis <[email protected]> >>>>>> Cc: pmwiki-users <[email protected]> >>>>>> Subject: Re: [pmwiki-users] How do you creating one, wiki-wide, Upload >>>>>> Directory on Local Site, not remote site? >>>>>> >>>>>> Dear Al, >>>>>> >>>>>> obviously this can’t work. your remote config.php will only affect the >>>>>> remote settings and therefore only manipulate the remote file system. >>>>>> to achieve what you want to do, you will… >>>>>> >>>>>> 1) …either have to mirror the site using something like rsync’ing with >>>>>> the help of a cron job (and have all the problems discussed in an >>>>>> earlier desktop virus scan software thread in this list, which you will >>>>>> probably find in the mailing list archives) >>>>>> >>>>>> 2) …or write some script that does what you need it to do (basically >>>>>> find a way to interface the local and the remote sites). >>>>>> >>>>>> >>>>>> assuming your primary goal is not to move pages from one pmwiki instance >>>>>> to another and have them cross-reference/load their pages, but rather >>>>>> have a way to scan your uploaded files for malware/viruses/etc, you >>>>>> should probably do one of those things: >>>>>> >>>>>> a) if you need to run the scan from your workstation, rather than >>>>>> running it on the server itself, the easiest way would be to mount the >>>>>> server directory as a smb share on your local machine (if your remote >>>>>> and local sites are not on the same network, you will probably have to >>>>>> use a vpn tunnel for that). to explain how to do that is kind of out of >>>>>> the scope of this mailing list, as it is not a PmWiki specific question, >>>>>> but more of a general server administration/setup task. >>>>>> >>>>>> b) you could consider installing a virus scanner (e. g. clamav-server) >>>>>> on your remote site’s server and have it watch your uploads folder and >>>>>> subdirs. this would definitely be a better solution, but users still >>>>>> won’t get feedback why their file has suddenly disappeared. disappearing >>>>>> files is still better than serving malware. and if you have to much >>>>>> spare time on your hand you could even come up with a solution how to >>>>>> have clamav-server tell pmwiki which files had to be removed. >>>>>> >>>>>> c) you could come up with a new way for pmwiki to upload files (e. g. >>>>>> write a new uploader) which automatically triggers your server’s >>>>>> antivirus software and only successfully moves the file into place after >>>>>> it has been cleared by the av software. >>>>>> >>>>>> >>>>>> again, this topic is not really related to PmWiki in the first place, >>>>>> since it’s a problem basically every content management system has. you >>>>>> might have better luck searching the web for a more general solution to >>>>>> this problem, or maybe ask this question in a more generalized way on >>>>>> stackoverflow. >>>>>> >>>>>> Josh >>>>>> >>>>>> On May/17, 2012, at 1957 , Al Louis Ripskis wrote: >>>>>> >>>>>>> May 17, 2012 8:57 AM [email protected]; Josh wrote: >>>>>>> $UploadDir = "C:/public_html/pmwiki/uploads"; >>>>>>> $UploadUrlFmt = >>>>>>> "http://www.politicaltransformation.org/htdocs/pmwiki/uploads";; >>>>>>>> Did you put these lines in your local or remote site’s >>>>>>>> local/config.php? >>>>>>>> Can you clarify what your local and remote sites actually are? >>>>>>> The remote site is my politicaltransformation.org PmWiki and that's the >>>>>>> config.php file that I inserted the above two lines of script. >>>>>>> Now my local site is the computer I'm operating from that has Windows >>>>>>> XP Home OS. >>>>>>> Thanks again, >>>>>>> Al >>>>>>> >>>>>>>> On May/17, 2012, at 1414 , Al Louis Ripskis wrote: >>>>>>>> >>>>>>>>> May 16, 2012 10:11 PM Tamouse wrote: Do I understand this >>>>>>>>> correctly.Let me know if that's the situation so I can respond: >>>>>>>>>> a) politicaltransformation.org is hosted on a remote site? YES >>>>>>>>>> b) you are expecting the remote site to understand a path on your >>>>>>>>>> local machine? YES >>>>>>>>>> c) you are further expecting the wiki software to deliver a file to >>>>>>>>>> a user by cross-loading it from your local machine? NO. Deliver the >>>>>>>>>> user uploaded files to Local Upload directory so they can be checked >>>>>>>>>> out by my AVG virus program for viruses, etc..If this is not >>>>>>>>>> possible, is there another way to check out automatically whether >>>>>>>>>> the uploaded files are infected? >>>>>>>>> Thanks very much, >>>>>>>>> Al >>>>>>>>> >>>>>>>>> -----Original Message----- >>>>>>>>>> From: tamouse mailing lists >>>>>>>>>> Sent: May 16, 2012 10:11 PM >>>>>>>>>> To: Al Louis Ripskis >>>>>>>>>> Cc: pmwiki-users >>>>>>>>>> Subject: Re: [pmwiki-users] How do you creating one, wiki-wide, >>>>>>>>>> Upload Directory on Local Site, not remote site? >>>>>>>>>> >>>>>>>>>> On Wed, May 16, 2012 at 1:43 PM, Al Louis Ripskis wrote: >>>>>>>>>>> According to PmWiki Upload Administration instructions all you >>>>>>>>>>> suppose to do >>>>>>>>>>> is put this or equivalent in you Config file:: >>>>>>>>>>> >>>>>>>>>>> $UploadDir = "/home/foobar/public_html/uploads"; >>>>>>>>>>> $UploadUrlFmt = "http://example.com/~foobar/uploads";; >>>>>>>>>>> >>>>>>>>>>> When I translate the above to my Windows XP OS needs, I come with >>>>>>>>>>> this: >>>>>>>>>>> >>>>>>>>>>> $UploadDir = "C:/public_html/pmwiki/uploads"; >>>>>>>>>>> $UploadUrlFmt = >>>>>>>>>>> "http://www.politicaltransformation.org/htdocs/pmwiki/uploads";; >>>>>>>>>>> >>>>>>>>>>> But all this does is create another upload directory on the remote >>>>>>>>>>> site. >>>>>>>>>>> I would like to create one, site-wide directory on the local site. >>>>>>>>>>> How do I do that? >>>>>>>>>> >>>>>>>>>> Do I understand this correctly: >>>>>>>>>> >>>>>>>>>> a) politicaltransformation.org is hosted on a remote site? >>>>>>>>>> b) you are expecting the remote site to understand a path on your >>>>>>>>>> local machine? >>>>>>>>>> c) you are further expecting the wiki software to deliver a file to a >>>>>>>>>> user by cross-loading it from your local machine? >>>>>>>>>> >>>>>>>>>> Let me know if that's the situation so I can respond. >>>>>>>>> _______________________________________________ >>>>>>>>> pmwiki-users mailing list >>>>>>>>> [email protected] >>>>>>>>> http://www.pmichaud.com/mailman/listinfo/pmwiki-users >>>>>>>> >>>>>>> >>>>>> >>>>> >>>> >>>> _______________________________________________ >>>> pmwiki-users mailing list >>>> [email protected] >>>> http://www.pmichaud.com/mailman/listinfo/pmwiki-users >>> >>> >>> _______________________________________________ >>> pmwiki-users mailing list >>> [email protected] >>> http://www.pmichaud.com/mailman/listinfo/pmwiki-users >> > _______________________________________________ pmwiki-users mailing list [email protected] http://www.pmichaud.com/mailman/listinfo/pmwiki-users
