The Malware Scanner is a powerful security feature integrated into the XenVn addon, designed to protect XenForo 2 installations from malicious code. It automatically scans system files and user-uploaded attachments to detect potential malware, shells, and injected code inside various file types.
Smart Multi-Layer Detection
The scanner uses an intelligent pattern-matching engine built from diverse malware signatures. It supports deep inspection of multiple formats, including:
- TXT, XML, PHP
- ZIP files, including:
- All contents inside the ZIP
- Nested ZIP files (ZIP-inside-ZIP)
- PHP or script files hidden under misleading extensions
How to Enable Attachment Scanning
To activate malware scanning for XenForo attachments, go to:
XenVn Setting → Attachments → Malware Scanner For Attachments (Version 2.4.9+)
Once enabled, all newly uploaded attachments will be automatically scanned in the background.
Main Features:
1. Full System File Scan
Navigate to: XenVn → Malware Scanner
This allows administrators to scan all XenForo system files for suspicious code, modified PHP scripts, or potential backdoors.
2. Manual Upload & Scan
Also located under: XenVn → Malware Scanner
Admins can upload any file manually and perform an instant scan using the built-in Upload & Scan button. Useful for checking external files before importing them into XenForo.
3. Scan All XenForo Attachments
You can trigger a complete scan of all existing attachment files through:
Tools → Rebuild caches → [XenVn] Rebuild Data → Scan attachments for malware
This is ideal for periodic security audits of old attachments.
4. Background Scanning for New Uploads
Whenever a user uploads a new attachment, XenVn automatically scans the file in the background.
This ensures malicious content is detected before it is shared or downloaded by others.
5. Suspicious File Statistics
Results and logs of suspicious attachments can be viewed in:
XenForo ACP → Content → Attachments
This section highlights flagged files, helping administrators quickly identify and review potential threats.
6. Visual Indicator for Each Attachment
XenVn adds a recognizable malware-status icon next to every attachment file.
Icons make it easy to see at a glance which files are safe, suspicious, or need review.
Scan results may not be 100% accurate. The malware scanner is designed to assist administrators by providing warnings about files that appear suspicious based on detected patterns. For each flagged item, the tool displays detailed information such as the file name, file path, matched malware signature, and the line number where the pattern was found.
Please review and verify these findings manually. The scanner does not delete or modify any of your files automatically - all decisions remain under your control.
Last edited:
