search

nextcloud / files_antivirus

👾 Antivirus app for Nextcloud Files
https://apps.nextcloud.com/apps/files_antivirus
GNU Affero General Public License v3.0
85 stars 36 forks source link

Office, PDF and Zip Files Not Checked by AV. Error: Not Checked. No matching rule for response []. Please check antivirus rules configuration #318

Open hammeractual opened 7 months ago

hammeractual commented 7 months ago

Steps to reproduce

  1. Clients upload files
  2. Error happened in log

Expected behaviour

All common file types is scanned by Clamav and no error thrown

Actual behaviour

Error happened: Not Checked. No matching rule for response []. Please check antivirus rules configuration with Office, PDF and Zip files

Server configuration

Operating system: Ubuntu 22.04.4

Web server: Apache 2.4

Database: MariaDB 10.11

PHP version: 8.2

Nextcloud version: 28.0.3

Where did you install Nextcloud from: Community Manual installation with Archive

List of activated apps:

Enabled:
  - activity: 2.20.0
  - admin_audit: 1.18.0
  - bruteforcesettings: 2.8.0
  - cloud_federation_api: 1.11.0
  - comments: 1.18.0
  - contactsinteraction: 1.9.0
  - dav: 1.29.1
  - federatedfilesharing: 1.18.0
  - federation: 1.18.0
  - files: 2.0.0
  - files_antivirus: 5.4.2
  - files_pdfviewer: 2.9.0
  - files_reminders: 1.1.0
  - files_sharing: 1.20.0
  - files_trashbin: 1.18.0
  - files_versions: 1.21.0
  - firstrunwizard: 2.17.0
  - forms: 4.1.1
  - impersonate: 1.15.0
  - logreader: 2.13.0
  - lookup_server_connector: 1.16.0
  - nextcloud_announcements: 1.17.0
  - notifications: 2.16.0
  - oauth2: 1.16.3
  - password_policy: 1.18.0
  - photos: 2.4.0
  - previewgenerator: 5.4.0
  - privacy: 1.12.0
  - provisioning_api: 1.18.0
  - recommendations: 2.0.0
  - related_resources: 1.3.0
  - richdocuments: 8.3.1
  - serverinfo: 1.18.0
  - settings: 1.10.1
  - sharebymail: 1.18.0
  - support: 1.11.0
  - survey_client: 1.16.0
  - systemtags: 1.18.0
  - text: 3.9.1
  - theming: 2.3.0
  - twofactor_backupcodes: 1.17.0
  - updatenotification: 1.18.0
  - user_ldap: 1.19.0
  - user_status: 1.8.1
  - viewer: 2.2.0
  - workflowengine: 2.10.0
Disabled:
  - circles: 28.0.0-dev (installed 27.0.1)
  - dashboard: 7.8.0 (installed 7.5.0)
  - encryption: 2.16.0
  - files_external: 1.20.0
  - suspicious_login: 6.0.0
  - twofactor_totp: 10.0.0-beta.2
  - weather_status: 1.8.0 (installed 1.5.0)

Nextcloud configuration:

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "x.x.x.x",
            "x.x.x.x",
            "x.x.x.x"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "28.0.3.2",
        "overwrite.cli.url": "https:\/\/x.x.x.x\/",
        "htaccess.RewriteBase": "\/",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "filelocking.enabled": "true",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "dbindex": 0,
            "password": "***REMOVED SENSITIVE VALUE***",
            "timeout": 0
        },
        "default_phone_region": "ID",
        "default_locale": "id_ID",
        "simpleSignUpLink.shown": false,
        "auth.webauthn.enabled": false,
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
        "ldapUserCleanupInterval": 60,
        "lost_password_link": "disabled",
        "allow_local_remote_servers": true,
        "loglevel": 2,
        "maintenance": false,
        "session_lifetime": 604800,
        "session_keepalive": true,
        "remember_login_cookie_lifetime": 1296000,
        "allow_user_to_change_display_name": false,
        "enable_previews": true,
        "preview_max_x": 1024,
        "preview_max_y": 1024,
        "preview_concurrency_all": 32,
        "preview_concurrency_new": 16,
        "preview_max_memory": 384,
        "preview_max_filesize_image": 10,
        "enabledPreviewProviders": [
            "OC\\Preview\\PNG",
            "OC\\Preview\\JPEG",
            "OC\\Preview\\GIF",
            "OC\\Preview\\BMP",
            "OC\\Preview\\XBitmap",
            "OC\\Preview\\MP3",
            "OC\\Preview\\TXT",
            "OC\\Preview\\MarkDown",
            "OC\\Preview\\OpenDocument",
            "OC\\Preview\\Krita"
        ],
        "data-fingerprint": "8d383279e56f9ff4bde52a77226fe27d",
        "maintenance_window_start": 17,
        "default_timezone": "x\/x",
        "logtimezone": "x\/x"
    }
}

Client configuration

Browser: Google Chrome

Operating system: Windows 10

Logs

Nextcloud log (data/owncloud.log)

"reqId": "TBxg07FO1CJibGt07Eh0",
  "level": 3,
  "time": "2024-03-05T21:37:02+07:00",
  "remoteAddr": "",
  "user": "--",
  "app": "files_antivirus",
  "method": "",
  "url": "--",
  "message": "Not Checked. No matching rule for response []. Please check antivirus rules configuration. File: 125480 Account: e2d350ce-6ebf-103d-84cd-addc165358a8 Path: /e2d350ce-6ebf-103d-84cd-addc165358a8/files/xxx/xxx.pptx",
  "userAgent": "--",
  "version": "28.0.3.2",
  "data": {
    "app": "files_antivirus"
  },
  "id": "65e7e4fd6762c"
}

"reqId": "gC65MQCecWWrfSZNlLZX",
  "level": 3,
  "time": "2024-03-05T14:35:22+07:00",
  "remoteAddr": "",
  "user": "--",
  "app": "files_antivirus",
  "method": "",
  "url": "--",
  "message": "Not Checked. No matching rule for response []. Please check antivirus rules configuration. File: 2501 Account: xx Path: /xx/files/xx/xx/xx.zip",
  "userAgent": "--",
  "version": "28.0.3.2",
  "data": {
    "app": "files_antivirus"
  },
  "id": "65e7e4fd67663"
}

"reqId": "836MqKcssfk7F7S1phan",
  "level": 3,
  "time": "2024-03-05T19:20:48+07:00",
  "remoteAddr": "",
  "user": "--",
  "app": "files_antivirus",
  "method": "",
  "url": "--",
  "message": "Not Checked. No matching rule for response []. Please check antivirus rules configuration. File: 100450 Account: xx Path: /xx/files/xx/xx/xx.pdf",
  "userAgent": "--",
  "version": "28.0.3.2",
  "data": {
    "app": "files_antivirus"
  },
  "id": "65e7e55701c09"
}

Browser log

Insert your browser log here, this could for example include:

a) The javascript console log
b) The network log
c) ...
MalteP commented 6 months ago

Possible duplicate of #261, please try to increase default_socket_timeout for php-cli as mentioned there.