OK – so now its time to launch the Filescan” service I have been nursing over the last couple of months. The service is a a cloud based SAAS solution written in APEX, PL/SQL, Nodejs and Python (yes, I love programming languages) :-).
If you want to skip the rest of the introduction, and just try it out – here is the address:
The problem this service is solving, is one faced by many of my customers who have internet facing solution (ex. APEX Applications), which allows uploading of various types of files. These files could be infected by viruses, malware, trojans etc., so optimally we want to block these files so they never enter our internal servers, and are never opened by our internal user.
This is what Filescan does – blocks infected files during the upload process, and BEFORE they reach your databases or file systems. The service is REST based, which means you can use it from virtually any client or programming language. We supply “out of the box” calls for APEX and PL/SQL for ease of use in your Oracle based solutions.
Runs as a cloud service
The service i a SAAS service in the cloud (Frankfurt). That means you dont have to install any local server software, handle virus database updates etc. A simple REST call to the service will scan the file and return the result. The file scanning software used is ClamAV®, which is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. More details about ClamAV here: https://www.clamav.net/. We update the ClamAV virus definition database 4 times a day.
Adding protection to APEX Applications
Filescan currently supports virus detection of files uploaded to APEX_APPLICATION_TEMP_FILES. To add this protection to you APEX applications, there is a simple PL/SQL API which is supplied as part of the service. Ex:
The above is implemented in a page process (PL/SQL), which runs before your code that stores/uses the uploaded files. The PL/SQL API (fs_apex_api_pkg and fs_api_pkg) can be downloaded, once you sign up for the service.
The service supplies API’s for Oracle PL/SQL and Oracle Application Express (APEX), however you can use the service from any tool/language, which supports REST service calls.
Monitoring uploaded files
Once the above code is implemented in your application(s), you can be notified (preference) if users are attempting to upload infected files:
We also supply a dashboard for monitoring the file uploads:
And also a searchable list of uploaded files:
Usage and support
The service is currently supplied as a “free” service, which you are welcome to try out on as many applications you would like. If you experience any problems/issues with this, we will fix these, and also keep the service uptime as close to 100% as possible. We can be reached at: firstname.lastname@example.org.
Plans are to make this service available as a commercial supported solution, once we have evaluated the feedback from users.
Hope you will enjoy the solution, and hopefully it will provide a safer environment for you APEX applications.
To learn more, visit: https://filescan.mbndata.dk