Antivirus is triggered when uploading assets through the Creation component.
Uploading assets by Excel import
Excel files with assets (hyperlinks) can be imported through the Creation component. Each asset uploaded in this bulk operation will also trigger the antivirus scan.
The brief overview of the steps to set up a working antivirus environment are as follows:
Enable antivirus in Settings.
Configure a Content flow using the
Add an antivirus task.
Set dependency with the rendition tasks.
Change the input property of rendition tasks to
URL is set to an Azure function that takes care of the API calls and responses with the external security service. The response of the antivirus service should be mapped to the expected values our antivirus property expects, namely
If a file is marked as
Malicious, then the Rendition tasks will not be executed. Instead, a placeholder will replace the rendition of thumbnails and preview to show the user that the file is malicious:
This antivirus task is not globally set for all sorts of uploads. It must be added and configured in each flow, which manages specific extensions required by the user (images, documents, etc.).
The user should not use UI (Manage Media Processing) to configure this because of the dependency issues that will set the
input property of the rendition tasks to an incorrect value. Saving the flow in the Media Processing page will overwrite the changes made to the
M.MediaMatrix entity, returning the value to the default
input value of dependent tasks.
The antivirus task is an External Web Task that should communicate with an external API controller (e.g., Azure function) set up by the client. The API controller regulates the API functionality with the external service and responds to Sitecore Content Hub with the appropriate value