PHPackages extrameile/em-antivirus - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. extrameile/em-antivirus AbandonedTypo3-cms-extension[Security](/categories/security) extrameile/em-antivirus ======================= TYPO3 Extension to check uploads against an anti virus tool like clamav or eset 1.0.0(5y ago)0309GPL-2.0+PHP Since Apr 23Pushed 5y ago2 watchersCompare [ Source](https://github.com/extrameile/em_antivirus)[ Packagist](https://packagist.org/packages/extrameile/em-antivirus)[ RSS](/packages/extrameile-em-antivirus/feed)WikiDiscussions main Synced today READMEChangelogDependencies (1)Versions (2)Used By (0) Extrameile Antivirus ==================== [](#extrameile-antivirus) This extension checks all files which are added or replaced in the TYPO3 backend with an Antivirus service like ClamAV or ESET. Other Antivirus systems can be added by providing them as a scan service which implements the ScanServiceInterface. In development context, you might not have a compatible scanner installed, so there is a "DevelopmentAvService" which only scans if an uploaded file includes the word "virus" in its content. All available scanners will be executed, an exception occurs if no scanner was available and no file will be accepted. This way you could also add multiple upload filters for content checks. Does it work with every upload? ------------------------------- [](#does-it-work-with-every-upload) No, this extension connects to the FAL Upload Event and processes the file. The TYPO3 Core backend uses the FAL, but if you use non FAL file fields in your TCA it will not run. You need to implement a check and call the service yourself. Also frontend forms are not handled out of the box if they do not use the FAL upload process (EXT:form does, Powermail does not). If you don't use FAL you need to call the service yourself, e.g. by calling the the provided utility class. ``` \Extrameile\EmAntivirus\Utility\AntivirusUtility::scanFile($sourceFilePath, true); ``` The first parameter is the complete file path and name of the file to be scanned, the second parameter defines if FlashMessages should be generated or not. There are 2 possible exceptions that can be thrown. \\Extrameile\\EmAntivirus\\Exception\\NoScannerFoundException If no scanner can be found for execution. \\Extrameile\\EmAntivirus\\Exception\\VirusDetectedException If the scanner found one or more infections in given file. HowTo configure ClamAV ---------------------- [](#howto-configure-clamav) On a standard system, with clamav installed at one of the searchable paths no configuration is needed. If the binary is not in the search path or if open\_basedir restrictions are set then the executable can not be found. You need to configure the path in your LocalConfiguration. The detection in TYPO3 Report Module only works properly, if no open\_basedir restrictions are set. HowTo configure ESET -------------------- [](#howto-configure-eset) Depending on the used version of eset, the executable names will differ. In older versions, it was called "eset\_scan", in newer versions "cls" seems to be used. Both use the same parameters and have the same return codes. The eset\_scan binary is found automagically if in search path and the open\_basedir restrictions are not set. Otherwise, you need to add them in your LocalConfiguration. HowTo use TYPO3\_CONF\_VARS for configuring executables ------------------------------------------------------- [](#howto-use-typo3_conf_vars-for-configuring-executables) If TYPO3 can not find your executables, as they aren't in the search path or if open\_basedir restrictions are set, you can configure the correct place of the executables inside your LocalConfiguration (or AdditionalConfiguration). Please be aware that if you use the binSetup configuration, the TYPO3 reports module will show green "antivirus available" regardless if the executable exists or not. The following configuration allows you to add more binary search paths for searching the executables: ### Additional binPath [](#additional-binpath) ``` $GLOBALS['TYPO3_CONF_VARS']['SYS']['binPath'] = '/opt/eset/esets/sbin/'; ``` ### clamscan path [](#clamscan-path) Or you need to provide the complete path and filename of the executable. Example for ClamAV: ``` $GLOBALS['TYPO3_CONF_VARS']['SYS']['binSetup'] = 'clamscan=/usr/bin/clamscan'; ``` ### eset\_scan path [](#eset_scan-path) Example for ESET FileSecurity with eset\_scan: ``` $GLOBALS['TYPO3_CONF_VARS']['SYS']['binSetup'] = 'esets_scan=/opt/eset/esets/sbin/esets_scan'; ``` ### cls path [](#cls-path) Example for ESET FileSecurity with cls: ``` $GLOBALS['TYPO3_CONF_VARS']['SYS']['binSetup'] = 'esets_scan=/opt/eset/efs/sbin/cls/cls'; ``` HowTo Test the functionality ---------------------------- [](#howto-test-the-functionality) After completing the setup, upload an eicar testfile and the scanner should kick in. Be aware that you might have to disable your local virus scanner to download the file! The files can be found here [https://www.eicar.org/?page\_id=3950](https://www.eicar.org/?page_id=3950)The file will be blocked right after the upload is done, an error message will show up and it will not be moved to your chosen upload folder. ### Health Score 25 — LowBetter than 37% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity12 Limited adoption so far Community8 Small or concentrated contributor base Maturity52 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 1843d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/47644df185d179e3697c3c4bb0056138ab920b9c298890d56af802fe6a3237e4?d=identicon)[extrameile-gehen](/maintainers/extrameile-gehen) --- Top Contributors [![opi99](https://avatars.githubusercontent.com/u/1672061?v=4)](https://github.com/opi99 "opi99 (1 commits)") --- Tags antivirusclamavtypo3typo3-cms-extensiontypo3-extension ### Embed Badge ![Health badge](/badges/extrameile-em-antivirus/health.svg) ``` [![Health](https://phpackages.com/badges/extrameile-em-antivirus/health.svg)](https://phpackages.com/packages/extrameile-em-antivirus) ``` ### Alternatives [leuchtfeuer/secure-downloads "Secure Download": Apply TYPO3 access rights to ALL file assets (PDFs, TGZs or JPGs etc. - configurable) - protect them from direct access. 22234.7k1](/packages/leuchtfeuer-secure-downloads)[causal/fal-protect Protect everything within /fileadmin/ based on associated folder and file restrictions (visibility, user groups and dates of publication). 1269.5k](/packages/causal-fal-protect)[spooner-web/be_secure_pw You can set password conventions to force secure passwords for BE users. 10461.3k](/packages/spooner-web-be-secure-pw)[georgringer/noopener Add rel="noopener noreferrer" to all external links 1535.1k](/packages/georgringer-noopener) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)