We got a big installation at our university. During the automn and winter semester we got about 3000 open courses. We got a total of 80 000 courses in our databases. For the active courses we keep 10 backups and after 180 days of inactivity a courses only got one backup.
All that courses generate a lot of data. We have about 22 tera in the filedir. On that 22 tera, 12 tera are backups.
Here is our strategy of virus scan on the files :
1- We use clamAV to scan files when they are upload on our Moodle
2- Each day we scan all the filedir to find virus that were not know at the time of the upload
The point 2 was ok when we were a small installation. But right now, it's taking weeks to scan all the filedir. We are working on some improvement to skip the backup and other stuff like that, but we got a talk with our security guy and he got the real solution we think.
Moodle is scanning file when they are upload, but he should also scan them when they are download from Moodle. With that in mind, the file will only be scan when they are access. Reducing a lot of CPU processing. Here is a description of the solution :
- A hook is created to be able to add code when a file is download
- A database table remember the file that were scan
- When the anti-virus software got a new definition of virus the table of scan file is empty
- There could be some configuration for the maximum size or time that the file that will be scan
Do you think it's a good feature for Moodle ? Do you think that it could make it's way to the core ?
General developer forum
Anti-virus scan on dowload
This discussion has been locked so you can no longer reply to it.