Uploading files to a server that has Real Time Antivirus scan running

I need to allow users to upload files onto a server that has an antivirus program running with real-time scanning switched on.

What would be a good design to ensure that infected files are not uploaded to the server.

Questions -

1. would large files be copied onto disk and then immediately scanned, 开发者_如何转开发or would they be scanned as they are copied and not allowed to appear on disk if infected

2. Should i build a seperate infrastructure around this to specifically ionvoke a scan on the copied file ? this might be an issue if the file is deleted through the real-time scan

1. This depends on your antivirus system and OS. This should be easy to determine through testing. On Windows, it seems that most real time antivirus systems scan the file as it is written to disk, and well before the file can be executed, moved, or copied by Windows Explorer. Windows Explorer gets an error if it continues to try to access the file.
2. If the above doesn't meet your needs, then yes, you'll probably want to invoke the scan manually. If your antivirus automatically deletes or quarantines the file, you'd simply check to see if the file were still in its original location after the scan. Ideally, your antivirus would allow you to scan the file and return true or false as to whether it were infected, which would allow you to delete the file manually.