Front office supports the use of a custom virus scan plugin that can be used to do real-time virus scanning of Front Office file type (attachment) fields. The template solution contains example code that uses Windows Defender to run a scan and return a true/false result to Front Office. This example can be modified to use alternative virus scan applications as required.
This article covers the following topics:
Pre Requisites
- The plugin must be built using MS Visual Studio 2019 or above.
- The plugin must target MS .Net version “Standard 2.0”.
- The target virus scanning software must be capable of scanning the file in real-time because it is initiated from the file upload dialog, therefore request forms are blocked until the scan has completed.
Build the Plugin
- Contact the Biomni support team via the Help Center at https://frontofficehelp.biomni.com/ and ask for a copy of the “Front Office custom virus scan plugin template”.
- Extract the contents of the ZIP file supplied to a local folder.
- Start MS Visual Studio and open the solution file: “ScannerPlugin.sln”.
- “Scanner.cs” contains a method called Scan:
public ScanResult Scan(ItemtoScan itemtoScan)
{
bool infected = false; // Set to true if infected
var fileBytes = itemtoScan.Data;
//
// Start the call to the virus scanning tool here
// This example uses Windows Defender
//
// First write the file to the file system; for example: “c:\scanner”
// Make sure the local group “IIS_IUSRS” has full control of this folder
var fileName = "c:\\scanner\\" + itemtoScan.FileName;
File.WriteAllBytes(fileName, fileBytes);
// Call the Defender command line utility to perform an instant scan on the file
var processStartInfo = new ProcessStartInfo() {
FileName = "C:\\Program Files\\Windows Defender\\MpCmdRun.exe",
Arguments = "-Scan -ScanType 3 -File " + fileName + " -DisableRemediation",
CreateNoWindow = true,
WindowStyle = ProcessWindowStyle.Hidden,
UseShellExecute = false,
RedirectStandardError = true,
RedirectStandardOutput = true
};
var process = new Process();
process.StartInfo = processStartInfo;
var stdOutput = new StringBuilder();
process.OutputDataReceived += (sender, args) => stdOutput.AppendLine(args.Data);
string stdError = null;
process.Start();
process.BeginOutputReadLine();
stdError = process.StandardError.ReadToEnd();
process.WaitForExit();
// Delete the file from the scanner folder
File.Delete(fileName);
// Check scan results
if (process.ExitCode == 2) // Defender returns 0 if clean or 2 if infected
{
// The file is infected
infected = true;
}
if (process.ExitCode !=0 && process.ExitCode !=2)
{
// Something has gone wrong, throw an error
var message = new StringBuilder();
if (!string.IsNullOrEmpty(stdError))
{
message.AppendLine(stdError);
}
if (stdOutput.Length != 0)
{
message.AppendLine("Std output:");
message.AppendLine(stdOutput.ToString());
}
throw new Exception(fileName + " finished with exit code = " + process.ExitCode + ": "
+ message);
}
//
// End of the call to the virus scanning tool
//
return new ScanResult() { IsInfected = infected };
} - If not using Windows Defender:
a: Modify the code to call the target virus scanning software and get the result of the scan.
b: Set the bool type variable “infected” to true if the file is infected - If using Windows Defender as per the example, make sure the folder “c:\scanner” is created and that the local “IIS_IUSRS” group has full control of the folder. If using an alternative location, modify the source code accordingly.
- Build the solution.
- Once the build has been completed, the ScannerPlugin DLL will be in the “bin/release/netstandard2.0” folder (or “bin/debug/netstandard2.0” if in debug mode)
Install the Plugin
- Copy the “ScannerPlugin.dll” file to the “website/bin” folder within your Front Office installation.
- Update the Custom anti-virus plugin system setting to “ScannerPlugin.Scanner, ScannerPlugin”, as shown below.
In Use
Once installed and configured, the custom virus scanner plugin will be called each time a user uploads a file. If the plugin detects an issue with the file, the user will see the error below.
Share this article
Comments
0 comments
Article is closed for comments.