Malware protection

Uploadcare automatically detects infected or malicious files, preventing your users from uploading them and helping you avoid distributing such files. Turning Malware protection on will make sure your app is secure and compliant. All files are checked by ClamAV (open-source antivirus engine).

You can choose between two options:

  • Block and notify — the user who uploads the malicious file will see a message in the widget.

    A similar error message will be returned when making an API request.

  • Keep — the file will be uploaded; you can review and delete infected files in the Files section by switching All files to Infected.

    Set up malware protection in the Configure section of the Uploading tab.

Various malware protection options are available on the Business plan. Virus scanning may also be applied selectively for accounts on other plans for compliance and security reasons.

Note: When malware checking is disabled, uploading malicious files from external sources (e.g., Google Drive) may still be rejected by those sources, as they may prevent downloading them without additional confirmation.