ClamAV is a versatile antivirus program for server and desktop operating systems. With the Antivirus plugin, Mattermost can use ClamAV on a local or remote server to scan files before uploading them to channels. Below we cover how to:
- Install the Antivirus Mattermost Plugin
- Configure ClamAV
- Configure the Antivirus Mattermost Plugin
- Test ClamAV with the EICAR Standard Antivirus Test File
Install Antivirus in Mattermost
First, install the Antivirus plugin.
- Log into Mattermost as a system admin
- In the upper-left corner, select your username, then Plugin Marketplace
- Beside Antivirus, select Install
- Beside Antivirus, select Configure
- Leave the configuration page for the Antivirus plugin open while you configure ClamAV below
We recommend waiting until you finish configuring ClamAV to enable the plugin. This allows Mattermost users to still upload media in case you have issues with ClamAV configuration.
Next, configure ClamAV on a server to listen for requests on a specific port. If you’ll be integrating ClamAV from a remote server that’s already configured to listen on a specific port, continue to the next section: configuring the Antivirus Mattermost plugin.
- Ensure ClamAV is installed on your server via Web Host Manager (WHM) or SSH (Cloud and Bare metal Dedicated servers):
- Log into SSH as root
- Edit your ClamAV configuration file:
nano +107 /user/local/cpanel/3rdparty/etc/clamd.conf
If you’re not on a cPanel server, search for the Clamd file with the “find” command:
find / -name clamd.conf
- Remove the “#” before
TCPSocket 3310to enable listening for scan requests
- (Optional) Change the port number to another unused port if desired
- Ensure port 3310 (or other specified port) is permanently open in your firewall – Advanced Policy Firewall (APF), ConfigServer & Firewall (CSF), Firewalld, etc.
- Restart Apache using (WHM) or your terminal:
service httpd restart
Configure Antivirus in Mattermost
Enable and configure the Antivirus Mattermost plugin.
- Open your Mattermost Antivirus configuration page (or reopen System Console, then Antivirus)
- Change Enable Plugin to true
- Change ClamAV – Host and Port to
localhost:3310(or other specified ClamAV hostname and port number)
- Change the Scan Timeout (seconds) from 10 seconds if desired
- Save changes
Test ClamAV with the EICAR Standard Antivirus Test File
EICAR has a test file free to use for testing antivirus software. The text string will create a false positive response (falsely states a virus is present) in the scanner but is not malicious.
- Create a text file on your local computer
- Visit https://2016.eicar.org/86-0-Intended-use.html
- Add the text string from the bottom of the EICAR page to the new text file
- Save and close the file
- In a Mattermost channel, select the attachment icon beside the text box, then upload the text file
It shouldn’t upload but prompt an error at the bottom:
“Unable to upload file [file-name].txt. Rejected by plugin: The antivirus service did not allow you to attach this file.”
- Attempt to upload a regular file and it should scan the file, then allow you to continue finishing your message
If everything worked well, congratulations on improving Mattermost security. If you have any issues, please contact Live Support.