How are people performing virus scans on uploads?
KelleyEMar 18 2008 — edited Jun 3 2008I am going to be starting an application shortly that will accept uploaded files from 3rd parties. Luckily they will not be annonymous but you never know if a friendly source may have become infected without thier knowledge.
So my question is how are other APEX developers ensuring that the files they receive are clean? Does running a real-time AV on the webserver scan temporary files hitting somewhere under /www or does APEX load each bit directly into the BLOB, effectively bypassing scanning? I've searched a bit but was unable to find anything concrete here on the forums.
I'm debating dropping the file to the file system for scanning before it is accessible by our internal users but if that is unnecessary I don't have to worry about it.
Thank you,
Kelley