PHP Anti-Virus / News: Recent posts

Minor point release today, with a few improvements:

* 164 new "virus definitions"
* Support for HTML, CSS, Javascript, VB Script, text files, flat data files and CGI scripts
* Modular configuration file, with defaults if not found

Like I said, minor point release :)

Bug Fixes
- Register_globals vulnerability patched
- Checking file permissions on 'virus.def' before execution

Improvements
- Rewritten documentation
- Used more efficient string container
- 2 new virus definitions
- Added new file extensions to scan

Thanks to tobozo and gossi for their contributions.

Vulnerabilities will be repaired in V1.0.1 due for release in a few days. Basic new features will also be tentatively introduced.

File System Vulnerability:
File permissions; if incorrectly set in a shared server environment can allow de-activation & malicious use of configuration, operation and search & replace function.

PHP Configuration Vulnerability:
Register globals; if enabled can allow malicious code to be returned to unauthorized users by means of manipulated publically-available URLs.... read more

The first release of PHP Anti-Virus is available for download on the project's homepage. Although in beta, it should successfully (but crudely) scan your public web files for malicious code.

Documentation does exist for this first release, although rather sparse. Should you require help installing for any reason, please open a support ticket and I will do my best to help. Feedback at this point is crucial.... read more