Antivirus scan

Note

To configure Content Hub, you must either be a superuser or have the necessary permissions granted to you through user group policies.

Sitecore Content Hub has an antivirus scan feature that activates when users upload assets through the Creation component or an Excel import. As part of an antivirus package, it scans files for viruses and harmful items.

You enable the antivirus scan from the Settings page.

Important

Our antivirus scan feature is not a standalone tool, but a component of an antivirus package. To use it, you must provision your own antivirus tool and integrate it with the antivirus scan in Content Hub.

Enable the antivirus scan

To enable the antivirus scan:

  1. On the menu bar, click Manage cog icon.

  2. On the Manage page, click Settings.

  3. On the Settings page, find and click AntivirusSetting.

  4. For AntivirusSetting, set the antivirusEnabled flag to true.

  5. Click Save.

Configure an antivirus task

Because the antivirus scan functionality makes a call to an external service API, it requires a RunExternalWebTask processing task configured in the M.MediaMatrix for the related media flow.

Note

An external web task is a webhook that Content Hub uses in file processing to create pre-defined conversions known as renditions.

Create a new media processing set

To create a new media processing set:

  1. On the menu bar, click Manage cog icon.

  2. On the Manage page, click Media processing.

  3. On the Media processing page, click New set.

  4. In the New set dialog, enter an appropriate name, for example Antivirus.

  5. Optionally, you can turn on the Auto-run switch to automatically apply this set to all new assets.

  6. Click Create.

Set up an external web task

To set up an external web task:

  1. On the menu bar, click Manage cog icon.

  2. On the Manage page, click Media processing.

  3. On the Media processing page, click the set you created and then click Add flow.

  4. In the Flow settings dialog, enter a name in the Name field, for example Antivirus.

  5. If you want the flow to only scan specific types of files, enter those types in the File types field, such as zip, 7z, tar, or gz.

  6. Click Save.

  7. On the media processing set details page, click the new flow.

  8. On the details page of the new flow, click the plus icon sign and, in the right-hand pane, click Run external web task.

  9. On the Parameters tab, fill out the fields as follows:

    • Name - enter Antivirus.

    • Content type - leave blank.

    • Content disposition - from the list, click Attachment.

    • URL - enter a URL that points to the external antivirus scan service of your choice.

  10. On the Outputs tab, to enable outputs, turn on the Store output switch and then fill out the fields as follows:

    • Output type - click Property in the drop-down list.

    • Property - click Virusscan result in the drop-down list.

  11. Click Save task, then Save and Close.

  12. Click Publish.

Configure the M.MediaMatrix.Content entity

To retrieve the media set ID:

  1. On the menu bar, click Manage cog icon.

  2. On the Manage page, click Media processing.

  3. On the Media processing page, click one of the media sets in the list.

  4. Copy the ID that displays at the end of the URL. In the following example, for the Content media set, the ID is 1014.

    RequestResponse
    `https://<CONTENT_HUB_INSTANCE>/en-us/admin/media-processing-mgmt?mediaMatrixManagementSelectedMatrix=1014`
    

To configure the M.MediaMatrix.Content entity:

  1. On the Manage page, click Entities.

  2. To the Entities page URL, append /entity/ followed by the media set ID, and press Enter.

  3. On the Entity detail page, click Edit edit icon.

  4. To change the conversion matrix JSON, in the Matrix panel, from the drop-down list, click Text.

  5. Search for the Archives node and make sure that the following JSON code comes first under tasks:

    RequestResponse
      "antivirus": {
        "type": "RunExternalWebTask",
        "do update": true,
        "input": "source",
        "output": "antivirus",
        "outputfileprovider": "local",
        "contentdisposition": "attachment",
        "url": "http://beeceptor.com/console/testsitecore-antivirus",
        "parameters": {},
        "headers": {}
      }
    
  6. Add an antivirus dependency in the metadata entry of the Archives node as follows:

    RequestResponse
    "deps": [
      "antivirus"
    ]
    
  7. Store the scan output in the antivirus property of the file as follows:

    RequestResponse
    "properties": {
      "VirusScanResult": "antivirus"
    }
    
  8. Click Save.

Complete the antivirus scan

Create an asset either through the Creation component or through an Excel import. If the file is considered malicious by the chosen antivirus service, the file details page displays a warning that downloads of the file are now disabled. When this happens, the file thumbnail and associated renditions are replaced by placeholders.

Test the malicious file alert trigger

Using an API call, you can test what happens when a file is flagged as malicious.

To test the malicious file alert trigger:

  1. Set the URL on a personal API point.

  2. Upload an asset to trigger the external web task. The request body has the following format:

    RequestResponse
    {
        "callback": "https://callback-url",
        "sources": [ "https://blob-sas-url" ],
        "parameters": {}
    }
  3. Copy the callback URL from the endpoint.

  4. Send a POST request containing the following code to the callback URL:

    RequestResponse
      {
        "value": "Malicious"
      }
    

Do you have some feedback for us?

If you have suggestions for improving this article,