file upload scanning

Free Modsecurity rules - Comodo Web Application Fi
1

hi,

do comodo free modsecurity rules cover any kind of file upload scanning (php fileuploads etc.) and if yes, how?

i know, there is a modsec solution with “SecRule FILES_TMPNAMES…”, to let eg. clamdscan check files before uploading into webroot, but currently i am facing issues with typo3 cms, if such kind of rule is activated. does anybody know a proper solution to scan all uploads?

regards,
andi

2

If u r looking for free solution then you can try “Linux Malware Detect” but if you want paid solution then “CXS” is perfect solution for it. Just for a small one time fees you can get that :slight_smile:

3

Hi

CWAF doesn’t plan to support file upload scanning yet. It could be highly FP-dangerous feature.