Redmine ClamAV - Virus protection for file uploads | AlphaNodes

Redmine Products / Redmine ClamAV - Virus protection for file uploads

Virus protection for file uploads in your Redmine.

Virus protection for every file in Redmine

The Redmine ClamAV Add-On automatically scans every file uploaded to your Redmine for viruses and malware. Whether attached to a ticket or a wiki page: if ClamAV finds a threat, the file is removed immediately, and uploader and administrators are notified.

File uploads in Redmine are a typical entry point for malware. The ClamAV Add-On checks every upload automatically in the background before it can be processed further.

Use cases:

Companies with compliance requirements (ISO 27001, GDPR, public sector, healthcare and finance).
Helpdesk and ServiceDesk setups that receive attachments from external contacts.
Teams that use the Redmine DMSF plugin to share documents internally and with customers.

Your benefits at a glance

Automatic scan of every file

Every upload is checked in the background by the ClamAV daemon - in tickets and wiki. Users do not have to start anything manually.

Immediate response on detection

When a virus is detected, the infected file is removed automatically. The uploader and all active administrators receive an email with details on the finding. For tickets, a journal entry is added to the issue history.

Status visible directly on the attachment

A shield icon next to every file shows the current scan status (clean, pending, error, virus detected) including the timestamp in the tooltip. A toast confirms the result right after the upload.

Manual rescan available

For scan errors or unscanned legacy files, a rescan can be triggered with a single click - directly on the icon for attachments, via the context menu for DMSF documents.

Scheduled background scans

An automation rule periodically rescans legacy files - including those uploaded before the add-on was activated. Fully automatic and without manual intervention.

Dashboard block and reporting

The ClamAV Virus Protection block shows days since the last finding and totals across all scan states. The Reporting plugin allows you to filter, sort and group scan results.

DMSF support included

If you use the Redmine DMSF plugin for document management, its files and revisions are covered as well - including dedicated columns in the document list and manual rescan via the context menu.

FAQ

What is the Redmine ClamAV Add-On?

The Redmine ClamAV Add-On automatically scans every file uploaded to Redmine for viruses and malware in the background using the ClamAV daemon. When a threat is detected, the infected file is removed immediately, and uploader as well as all active administrators are notified by email. The add-on is available exclusively as part of AlphaNodes Managed Redmine Hosting.

Which file uploads are scanned?

Scanned are attachments in tickets, attachments on wiki pages, and files and revisions from the DMSF plugin (Document Management System Features) if it is installed. As soon as a file reaches the server, it is automatically queued for scanning by the ClamAV daemon. Users do not have to start the scan manually.

What happens when a file is detected as infected?

When a virus is detected, the infected file is removed from the server immediately. The uploader receives an email with details about the affected project, the container (issue or document) and the detected virus signature - along with the recommendation to also check the local copy. All active administrators receive the same notification. For tickets, a journal entry permanently documents the event in the issue history.

Are DMSF documents also scanned?

Yes. If the Redmine DMSF plugin (Document Management System Features) is in use, its files and revisions are fully covered. The DMSF document list provides additional columns Virus scan and Last scanned - sortable, filterable and groupable. A manual rescan can be triggered via the context menu of the document list.

Are legacy files scanned that were uploaded before activation?

Yes. The ClamAV Scan automation rule periodically checks files in the background - including those uploaded before the add-on was activated. Unscanned files can additionally be queued for scanning manually per attachment or DMSF document.

How is the ClamAV Add-On licensed?

The ClamAV Add-On is available exclusively as part of AlphaNodes Managed Redmine Hosting. It can be added monthly as an add-on or is part of the Enterprise Support Package. A standalone license for self-hosted Redmine installations is not offered, because the ClamAV daemon needs to be maintained on the server.

Does the virus scan impact user-facing performance?

The scan runs asynchronously in the background through the ClamAV daemon. Users can continue working normally after the upload. A toast notification in the lower corner and the shield icon next to the attachment update automatically as soon as the scan result is available. The scan load stays on the server and does not affect the user interface.

Virus protection including managed service

The Redmine ClamAV Add-On is part of our AlphaNodes Managed Redmine Hosting. You can book it as a monthly add-on or use it as part of our Enterprise Support Package. We take care of the ClamAV daemon, regular virus definition updates and the plugin configuration for you.

Request a quote

Redmine ClamAV - Virus protection for file uploads