ClamAV is a versatile antivirus program for server and desktop operating systems. With the Antivirus plugin, Mattermost can use ClamAV on a local or remote server to scan files before uploading them to channels. Below we cover how to:
Enjoy high-performance, lightning-fast servers with increased security and maximum up-time with our Managed VPS Hosting!
Install the Antivirus Mattermost Plugin
First, install the Antivirus plugin.
Log into Mattermost as a system admin.
In the upper-left corner, select your username, then Plugin Marketplace.
Beside Antivirus, select Install.
Beside Antivirus, select Configure.
Leave the configuration page for the Antivirus plugin open while you configure ClamAV below.
We recommend waiting until you finish configuring ClamAV to enable the plugin. This allows Mattermost users to still upload media in case you have issues with ClamAV configuration.
Configure ClamAV
Next, configure ClamAV on a server to listen for requests on a specific port. If you’ll be integrating ClamAV from a remote server that’s already configured to listen on a specific port, continue to the next section: configuring the Antivirus Mattermost plugin.
Ensure ClamAV is installed on your server via Web Host Manager (WHM) or SSH (Cloud and Bare metal Dedicated servers):
Enable and configure the Antivirus Mattermost plugin.
Open your Mattermost Antivirus configuration page (or reopen System Console, then Antivirus).
Change Enable Plugin to true.
Change ClamAV – Host and Port to localhost:3310 (or other specified ClamAV hostname and port number).
Change the Scan Timeout (seconds) from 10 seconds if desired.
Save changes.
Recommended settings for Antivirus
Test ClamAV with the EICAR Standard Antivirus Test File
EICAR has a test file free to use for testing antivirus software. The text string will create a false positive response (falsely states a virus is present) in the scanner but is not malicious.
Add the text string from the bottom of the EICAR page to the new text file.
Save and close the file.
In a Mattermost channel, select the attachment icon beside the text box, then upload the text file. It shouldn’t upload but prompt an error at the bottom: “Unable to upload file [file-name].txt. Rejected by plugin: The antivirus service did not allow you to attach this file.”
Attempt to upload a regular file and it should scan the file, then allow you to continue finishing your message.
If everything worked well, congratulations on improving Mattermost security. If you have any issues, please contact Live Support.