Nextcloud more secure using clamav

Make your Nextcloud more secure using clamav and Nextcloud’s file-antivirus app. Just install clamav on your server and make just few configuration steps.

Install clamav using the Ubuntu repositories

Start working as sudo to install and configure clamav:

sudo -s
apt update && apt upgrade -y
apt install clamav clamav-freshclam clamav-daemon -y

service clamav-freshclam stop

service clamav-freshclam start

Change some values in clamav config:

cp /etc/clamav/clamd.conf /etc/clamav/clamd.conf.bak
vi /etc/clamav/clamd.conf

MaxDirectoryRecursion 25
MaxFileSize 50M
PCREMaxFileSize 50M
StreamMaxLength 50M

or perform the following commands instead of manually editing the file:

cp /etc/clamav/clamd.conf /etc/clamav/clamd.conf.bak
egrep "*MaxDirectoryRecursion.*|*MaxFileSize.*|*PCREMaxFileSize.*|*StreamMaxLength.*" /etc/clamav/clamd.conf
sed -i "s/MaxFileSize.*/MaxFileSize 50M/" /etc/clamav/clamd.conf
sed -i "s/MaxDirectoryRecursion.*/MaxDirectoryRecursion 25/" /etc/clamav/clamd.conf
sed -i "s/PCREMaxFileSize.*/PCREMaxFileSize 50M/" /etc/clamav/clamd.conf
sed -i "s/StreamMaxLength.*/StreamMaxLength 50M/" /etc/clamav/clamd.conf

Verify your changes:

egrep "*MaxDirectoryRecursion.*|*MaxFileSize.*|*PCREMaxFileSize.*|*StreamMaxLength.*" /etc/clamav/clamd.conf

Then restart freshclam:

service clamav-freshclam restart && service clamav-daemon restart

Clamav will be updated every hour (using freshclam), you do not have to configure anything.

Install Nextcloud’s file_antivirus app

Change to Nextclouds app-directory

cd /var/www/nextcloud/apps

and download the current antivirus app:

wget for Nextcloud 12

Extract the app and set the permissions to the webuser:

unzip master &&  mv files_antivirus-master files_antivirus && rm
chown -R www-data:www-data /var/www/nextcloud

Now logon to your Nextcloud and enable the antivirus app:

Change to the admin panel and select “Additional settings” -> “Antivirus Configuration”. Adjust the configuration to “Daemon (Socket)” and change the “Stream Length” value to “52428800” (50MB).

Please decide wether to raise a logentry or delete infected files directly if viruses are identified.

Please find more information here.

If you upload an examplarily file you will find an entry in your Nextcloud logfile like this:

If you find “Debug files_antivirus Response :: stream: OK ” your Nextcloud 12 is even more secure using clamav!

To change freshclams refresh-intervall, just perform:

dpkg-reconfigure clamav-freshclam

and follow the examples below:

Carsten Rieger