Nextcloud version (eg, 20.0.5): 26.02
Operating system and version (eg, Ubuntu 20.04): 22.04
Apache or nginx version (eg, Apache 2.4.25): 2.4.52
PHP version (eg, 7.4): 8.1.2
The issue you are facing:
When synchronizing files and directories containing malware with the Nextcloud client, these files are stored on the Nextcloud without being checked by the ICAP server.
If I upload the same files and directories via browser, they are detected and blocked by the ICAP server.
I would like to know how to get the Anti Virus App to also check the file upload via WebDav with the ICAP server.
Otherwise this would be a fatal security problem, because the files can be downloaded afterwards via the browser without any problems.
Is this the first time you’ve seen this error? (Y/N): Y
Steps to replicate it:
- Install the AntiVirus App
- Configure an ICAP server
- Upload files and directories that contain malware. You will receive an error message that these files could not be uploaded. So this is exactly the behavior you want.
- Use Nextcloud client to synchronize files and directories that contain malware
- Look in the Nextcloud, there you will find all the files that should not be there, because they contain malware