Malware protection

Uploadcare automatically detects infected or malicious files, preventing your users from uploading them and helping you avoid distributing such files. Turning Malware protection on will make sure your app is secure and compliant. All files are checked by ClamAV (open-source antivirus engine).

Automatically on upload

You can choose between two options:

  • Block and notify — the user who uploads the malicious file will see a message in the widget.

    A similar error message will be returned when making an API request.

  • Keep — the file will be uploaded; you can review and delete infected files in the Files section by switching All files to Infected.

    Set up malware protection in the Configure section of the Uploading tab.

Various malware protection options are available on the Pro plan. Virus scanning may also be applied selectively for accounts on other plans for compliance and security reasons.

Note: When malware checking is disabled, uploading malicious files from external sources (e.g., Google Drive) may still be rejected by those sources, as they may prevent downloading them without additional confirmation.

You can also configure webhook, which will send an alert when infected file is found.

Webhook event

To get the job result, you need to enable file.info_updated in the Webhook section of the dashboard.

After completing the processing job, the webhook will be sent to the endpoint you specified in the webhook settings.

File information in response:

"initiator": {
    "type": "addon",
    "detail": {
      "addon_name": "uc_clamav_virus_scan",
      "request_id": ":request_id",
    }
  },
  "hook": {
    ...
    "event": "file.info_updated",
    "is_active": true,
    "version": "0.7",
    ...
  },
    "uuid": ":UUID",
    "is_image": false,
    "is_ready": true,
    "metadata": {},
    "appdata": {
      "uc_clamav_virus_scan": {
        "data": {
          "infected": true,
          "infected_with": "Win.Test.EICAR_HDB-1"
        },
    },
    ...
  }

For already uploaded files

If your application does not have a backend or uses a mobile version, you can submit the request yourself.

You can check a file for viruses with the REST API. For example, the file uploaded several months ago can be scanned using updated anti-virus databases.

Virus checking is currently available on the REST API v0.7 or higher via add-ons API.

First get your API keys.

Execute virus check on a target UUID:

curl -X POST \
     -H 'Content-Type: application/json' \
     -H 'Accept: application/vnd.uploadcare-v0.7+json' \
     -H "Authorization: Uploadcare.Simple $YOUR_PUBLIC_KEY:$YOUR_SECRET_KEY" \
     "https://api.uploadcare.com/addons/uc_clamav_virus_scan/execute/" \
     -d "{\"target\": \"$UUID\"}"

As a request result, you will receive REQUEST_ID:

{
  "request_id": "UUID"
}

You can track execution status using request_id from previous request's response:

curl -X GET \
     -H 'Content-Type: application/json' \
     -H 'Accept: application/vnd.uploadcare-v0.7+json' \
     -H "Authorization: Uploadcare.Simple $YOUR_PUBLIC_KEY:$YOUR_SECRET_KEY" \
     "https://api.uploadcare.com/addons/uc_clamav_virus_scan/execute/status/?request_id=$REQUEST_ID"

As a request result, the file's application data will be updated when the status is done:

{
  "status": "done"
}

After that, you can get a result of a virus scan by requesting file info and looking into appdata:

curl -H "Accept: application/vnd.uploadcare-v0.7+json" \
     -H "Authorization: Uploadcare.Simple $YOUR_PUBLIC_KEY:$YOUR_SECRET_KEY" \
     "https://api.uploadcare.com/files/$UUID/?include=appdata"

There you will find infected param with a true or false status, where false means that file isn't infected:

{
  "appdata": {
    "uc_clamav_virus_scan": {
      "data": {
        "infected": false
      }
    }
  }
}

If the file is infected, then the request result will look like this:

{
  "appdata": {
    "uc_clamav_virus_scan": {
      "data": {
        "infected": true,
        "infected_with": "Win.Test.EICAR_HDB-1"
      },
      "datetime_created": "2022-12-20T10:11:53.291406Z",
      "datetime_updated": "2022-12-20T12:18:31.465962Z",
      "version": "0.105.1"
    }
  }
}

Check out REST API reference for all details.

Removal of infected files

If you need to delete an infected file, the output request should look like this:

curl -X POST \
     -H 'Content-Type: application/json' \
     -H 'Accept: application/vnd.uploadcare-v0.7+json' \
     -H "Authorization: Uploadcare.Simple $YOUR_PUBLIC_KEY:$YOUR_SECRET_KEY" \
     "https://api.uploadcare.com/addons/uc_clamav_virus_scan/execute/" \
     -d "{\"params\":{\"purge_infected\":true}, \"target\":\"$UUID\"}"

API integrations

You don't have to code most of the low-level API integrations. We have high-level libraries for all popular platforms:

Billing

  • This feature is available on any plan. We force-scan all files for viruses when uploading, but you can additionally rescan the file with a more recent virus database.
  • Learn how we charge for this operation.