question

ashwanikumar-8198 avatar image
2 Votes"
ashwanikumar-8198 asked FarazAhmedSHShaikh-0800 answered

How to restrict user for not posting malicious file like virus or malware in Multi-part Message Type or attachment of Azure Web API/Logic APp/Azure function?

I am designing a Multi-part Message Type Web API/Logic APP to post different types of file like Zip, jpg, pdf etc.

The size of the file could very from 1 MB to 500 MB.

One of the attachment is of type *.ZIP.. I am not sure how to ensure that they should not post malicious file like virus or malware etc as an zipped content.

As a part of PaaS offering - do we have anything to validate the Web API attached files or its automatically going to be handled by Azure or firewall.

Regards,
Ashwani

azure-webappsazure-logic-appsazure-api-managementazure-webapps-developmentazure-webapps-security
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@ashwanikumar-8198 Just following up here to see if my response helps

0 Votes 0 ·
PramodValavala-MSFT avatar image
1 Vote"
PramodValavala-MSFT answered

I believe there aren't any first-party PaaS offerings for this and Azure Firewall doesn't have the ability to scan file uploads either. You could however build your own pipeline to scan file uploads before processing them.

To scan the files, you could leverage one of the logic app connectors available for virus scanning but note that these rely on external services to perform the scanning. A customer solution would involve using an open-source engine like ClamAV that you could call from Azure Functions for example. This blog shows how you can approach this.

To ensure infected files never reach your internal storage, you could first store it in a temporay blob container, scan it and then move it to the actual location where you need it for processing.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

rupesh-tiwari avatar image
0 Votes"
rupesh-tiwari answered

I agree with @PramodValavala-MSFT

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

FarazAhmedSHShaikh-0800 avatar image
0 Votes"
FarazAhmedSHShaikh-0800 answered

Have you considered using Application Gateway and WAF?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.