LoadModule clamav_module lib/apache/mod_clamav.so
#
# Here is a configuration for an Apache proxy that scans everything except some
# image types for viruses, using the database files in /var/lib/clamav
# While downloading files, mod_clamav will write a copy of the file it will later
# scan for viruses in /tmp/clamav.
# ClamavTmpdir /tmp/clamav
# ClamavDbdir /var/lib/clamav
# ClamavSafetypes image/gif image/jpeg image/png
#
#
# SetOutputFilter CLAMAV
#
#
# The status page can be enabled with the Location
#
#
# SetHandler clamav
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
#
#
# Please note that not restricting access to this location may reveal
# sensitive information.
###############################################################################
# Reference
###############################################################################
#
# All the available directives are described below
#
# ClamavMode
#
# Syntax: ClamavMode local | daemon
# Default: ClamavMode local
# Context: server config, virtual host, directory
#
# If the module is supposed to use the clamav library directly,
# use local mode. In daemon mode, the module queries a remote clamd
# (on the same machine, of course) for virus checking.
# The connection to the daemon must be configured using the ClamavSocket
# or ClamavPort directives
#
# ClamavSocket
#
# Syntax: ClamavSocket unix-domain-socket
# Default: none
# Context: server config, virtual host, directory
#
# Specifies the path where the Clamav daemon clamd is listening. If this
# directive is not set, the daemon mode of the module assumes
# a TCP connection to the Clamav daemon.
#
# ClamavPort
#
# Syntax: ClamavPort port
# Default: none
# Context: server config, virtual host, directory
#
# Specifies the port number on which the clamav daemon is listening.
# Not that this directive only has any effect if ClamavSocket is not specified.
#
# ClamavTmpdir
#
# Syntax: ClamavTmpdir tmp-dir
# Default: ClamavTmpdir /tmp
# Context: server config, virtual host, directory
#
# This directive defines the directory where temporary files should be stored
# until the can be scanned for viruses.
#
# ClamavDbdir
#
# Syntax: ClamavDbdir virus-pattern-dir
# Default: same as that of your clamav installation
# Context: server config, virtual host, directory
#
# This directive defines the directory from which virus patterns are loaded.
#
# ClamavReloadInterval
#
# Syntax: ClamavReloadInterval interval
# Default: 0
# Context: server config, virtual host, directory
#
# The pattern database is reloaded if the last request is more then interval
# seconds in the past. A value of 0 means that the pattern database is never
# reloaded, to update patterns, the server must be gracefully restarted.
# Reloading is only necessary in local mode, in daemon mode its the daemon's
# business to keep the pattern matching engine up-to-date.
#
# ClamavTrickleInterval
#
# Syntax: ClamavTrickleInterval interval
# Default: ClamavTrickleInterval 60
# Context: server config, virtual host, directory
#
# This directive sets the interval at which a block (normaly one byte, but
# configurable with the ClamavTrickleSize directive) of the incoming data
# is sent to the browser to keep it happy. If your browsers are tolerant of
# long delays, this value can be increased.
#
# Note that the trickle interval has a side effect that can affect your link
# load considerably: only when the trickle is sent to the client will the
# module be able to detect that the client has aborted the connection.
# A long trickle interval means that the server will continue downloading
# the file, although the client is no longer interested. This can fill up
# you link with downloads still going on no user is interested in.
#
# Browsers behave quite differently with respect to timeouts. For some
# browsers, a single byte is not good enough, so you will want to increase
# the trickle size to a larger value. Download speeds below 1 byte/sec seem
# to be a problem for browsers. Apple's Safari browser times out after
# 60 seconds (Mozilla seems to be more patient), so you will have do make
# the trickle interval smaller than 60. Note also that the trickle interval
# is a minimum value, if a packet arrives from the remote server after that
# interval, then a trickle block is sent to the browser client.
# If no packets arrive from the remote server, no trickle blocks are sent
# to client either.
#
# ClamavTrickleSize
#
# Syntax: ClamavTrickleSize size
# Default: ClamavTrickleSize 1
# Context: server config, virtual host, directory
#
# This directive sets the size of the block sent after each trickle interval.
# See the description of the ClamavTrickleInterval directive for details.
#
# ClamavMaxfiles
#
# Syntax: ClamavMaxfiles number-of-files
# Default: none
# Context: server config, virtual host, directory
#
# This directive sets the maxfiles limit variable in Clamav, please read the
# Clamav for the exact implications of this.
#
# ClamavMaxfilesize
#
# Syntax: ClamavMaxfilesize filesize
# Default: none
# Context: server config, virtual host, directory
#
# This directive sets the maxfilesize limit variable in Clamav, please
# read the Clamav documentation for the exact implications of this.
#
# ClamavRecursion
#
# Syntax: ClamavRecursion depth
# Default: none
# Context: server config, virtual host, directory
#
# This directive sets the recursion depth limit variable in Clamav, please
# read the Clamav for the exact implications of this.
#
# ClamavSafetypes
#
# Syntax: ClamavSafetypes safe-mime-type ...
# Default: none
# Context: server config, virtual host, directory
#
# Use this directive to specify a list of mime types that can safely be bypassed.
#
# ClamavSizelimit
#
# Syntax: ClamavSize size
# Default: ClamavSizelimit 0
# Context: server config, virtual host, directory
#
# This directive sets the size of the largest part of a file that will be
# checked. By default, its value is 0, meaning the a file is scanned in its
# entirety. For a positive value, a chunk of at least size bytes
# is downloaded and checked for viruses. If nothing is found, the rest of
# the file is downloaded without checking.