Does Moodle scan files for viruses on upload?

To avoid the risk that an uploaded file in a Moodle site might have a virus which could spread to the computer of a student who downloaded and ran it (e.g. a Microsoft Word file with a virus) many learning management systems at UCLA (Engineering and Social Sciences and others?) currently scan uploaded files for viruses.

According to this Moodle Forum posting by Martin Dougiamas (moodle chief architect), Moodle does as well:

“Moodle 1.5 works together with ClamAV (an open source anti-virus program for Linux) to scan all incoming files (at the time they are uploaded) for known viruses (this includes assignments, attachments, etc etc)” – http://moodle.org/mod/forum/discuss.php?d=14903 (Registration required)

This doesn’t happen automatically on a simple Moodle install though. You need to both install Clam AV http://www.clamav.net/ and configure Moodle to use it.

  1. Site Administration
  2. Security
  3. Anti-virus
  4. Then answer these questions:
    • Use clam AV on uploaded files (checkbox)
    • clam AV path
    • Quarantine directory
    • On clam AV failure – choose one
      • Treat Files As OK
      • Treat Files As Viruses