VirusTotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.

This module integrates the VirusTotal API service. It provides an API for developers and Rules 2.x integration (but does nothing out of the box). (7.x)

It provides a list of reports in the admin area and has cron features for retrieving the current file status once per day. You can use the Ultimate Cron module to reconfigure this behaviour. The module also has an additional useful feature: admin notification via email about infected files. (8.x)

How to use it?

Install as usual. (7.x)
Install as usual. (8.x)

Configuration (6.x, 7.x)

  • Go to admin/config/system/virustotal and paste in a valid personal API key. If you are registered with the VirusTotal community, you will find your key in your profile on the "API key" tab.

D8 version configuration: (8.x)

  • Go to /admin/config/system/virustotal/api_settings and paste in a valid personal API key.
  • If you are registered with the VirusTotal community, you will find your key in your profile on the "API key" tab.
  • You can also enable admin notifications to get information about viruses found on your website.

Sitebuilding (7.x)

  • If you just need the basic API functionality, have a look at the VirusTotal Rules submodule. With Rules 2.x and the VirusTotal API Rules integration you can handle most of the API functionality without writing a line of code.

Development (6.x, 7.x)

  • If you want to use or extend the VirusTotal API, have a look at the VirusTotal API Examples submodule. It shows how to use all of the functionality in detail.

API Functionality

(7.x)

Functions of the VirusTotal API Class

  • scanFile(): Sends a file to the VirusTotal service to queue it for scanning.
  • getFileReport(): Tries to retrieve a file scan report.
  • scanUrl(): Sends a URL to the VirusTotal service and queues it for scanning.
  • getUrlReport(): Tries to retrieve a URL scan report.
  • makeComment(): Creates a comment on a file or URL report.

Hooks (7.x)

  • hook_virustotal_query_alter: Modules may make changes to the query data before it is sent to VirusTotal.
  • hook_virustotal_result_alter: Modules may make changes to the response data before it is returned.

Requirements

No other modules are required, but a valid VirusTotal community account is needed and the cURL library must be installed.

D8 Module version

  • Entity Events
  • GuzzleHTTP v6+ library. The GuzzleHttp folder should be placed in your project's 'vendor' directory and included in the project's default autoload.

If you are using the Composer version of the module, all dependencies will be downloaded automatically.

A word of warning

As VirusTotal.com is a free service, please remember to protect it from "junk". Don't send images (like .png, .jpg and .gif) or plain-text files (like .txt) to VirusTotal; it is very unlikely that these files contain harmful content. The really vulnerable files (the ones worth sending to VT) are executables (.exe, .scr, .pif, .bat) and typical files like PDFs, Java applets or Flash applications. Also, consider requesting an existing scan report before checking the same file twice.
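The submission policy above as an added PHP sketch, not code from the module. `vt_gate()`, the two callables and the extensions chosen for Java applets and Flash (`jar`, `class`, `swf`) are assumptions, because the page does not show the signatures of `getFileReport()` or `scanFile()`.

```php
<?php
// Added example. Every name here is hypothetical, not the module's API.

// Extensions the warning calls worth sending. jar/class/swf are an assumed
// mapping for "Java applets" and "Flash applications".
const VT_WORTH_SCANNING = ['exe', 'scr', 'pif', 'bat', 'pdf', 'jar', 'class', 'swf'];

/**
 * Decide what to do with an uploaded file before spending an API call.
 *
 * @param string   $path      Local path of the upload.
 * @param callable $getReport fn(string $sha256): ?array, stand-in for a report lookup.
 * @param callable $submit    fn(string $path): void, stand-in for a scan submission.
 * @return string 'skipped', 'known' or 'submitted'.
 */
function vt_gate(string $path, callable $getReport, callable $submit): string {
  // The extension comes from the uploader, so this only limits junk
  // submissions; it says nothing about the file's real content.
  $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
  if (!in_array($ext, VT_WORTH_SCANNING, true)) {
    return 'skipped';
  }
  $sha256 = hash_file('sha256', $path);
  if ($sha256 === false) {
    throw new RuntimeException("Cannot read $path");
  }
  // Ask for an existing report by hash first; upload only when none exists.
  if ($getReport($sha256) !== null) {
    return 'known';
  }
  $submit($path);
  return 'submitted';
}

// Constructed demo: an in-memory array stands in for the remote service.
$reports = [];
$lookup = function (string $hash) use (&$reports) { return $reports[$hash] ?? null; };
$send = function (string $p) use (&$reports) {
  $reports[hash_file('sha256', $p)] = ['queued' => TRUE];
};

$dir = sys_get_temp_dir();
file_put_contents("$dir/vt_demo.png", 'constructed sample image');
file_put_contents("$dir/vt_demo.pdf", '%PDF-1.4 constructed sample');

echo vt_gate("$dir/vt_demo.png", $lookup, $send), "\n"; // image: filtered out
echo vt_gate("$dir/vt_demo.pdf", $lookup, $send), "\n"; // first sighting
echo vt_gate("$dir/vt_demo.pdf", $lookup, $send), "\n"; // same hash again
```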
