Creating an Azure AntiVirus Scanner – Part 1

Creating an Azure AntiVirus Scanner – Part 1

Getting an antivirus service in a docker container up and running locally (on windows)

The User Story: I want to be able to tell if a document uploaded to a site is free from malware or viruses.

TLDR: ClamAV + Docker + VSCode + Windows = Local File Scanner

Now, surely, I hear to say, there must be a service within Azure that can help with this problem?  Well sort of, you can spin up a VM and take advantage of Windows Defender or whatever you choose to install on it but Virtual Machines are so last decade.  For me VMs bring with them additional overheads such as patching and security that I don’t want to have to deal with (plus I could figure out a way of automating Defender with powershell).  Ideally there would be some kind of service that could be invoked on blob storage but alas this doesn’t seem like it will happen (see here)

A quick search brings you to ClamAV, this seems to be the mulitplatform OSS anti-virus solution of choice.

With ClamAV you can install it as a windows service but as with a lot of Open Source software windows doesn’t feel like the primary OS so that creates another problem.  I have dabbled in Linux in the past and have a few custom Python scripts running on a NAS but I don’t use it on a day-to-day basis so am a little rusty.

Another quick search brings you to a ready-made docker container project created by the UK Home Office.  Up until this point I had not played with docker but understand the potential, plus it what all the “cool kids” are talking about at conferences so it much be worth a look, right?

Lets get a dev machine set up, I am running this on a Windows 10 machine so we are going to need a couple of tool…

VS Code – Ordinarily I would use full-fat Visual Studio for development but you are going to be using a terminal which it has built in.  Plus the docker extension is a must.
Docker for windows – This sets up your machine so that it can run containers.  (It is important once this is installed to enable the shared drive otherwise you will run into an issue)

open vs code and press F1 to bring up the command prompt to clone the repo…

Git: Clone

then select the local folder to clone the repo to.
Once cloned you will be prompted to open the repo.
Now the first gotcha, vscode by default opens everything with CRLF line endings, docker doesn’t seem to like these so you will need to convert the following files to LF.  (The easiest way to do that in VSCode is to open the files, hit F1 and type “Change End of Line Sequence” , make sure you save the files after changing)

  • DockerFile
  • clamd.conf
  • freshclam.conf

Right click the Dockerfile and select “Build Image” (this is from the docker vscode extension).  You will be prompted for an image name (accept the default for now).
This will run the following command. (if you are feeling adventurous you can run this manually in a terminal window)

docker build --rm -f "Dockerfile" -t docker-clamav:latest

Now open up the docker explorer (also from the vscode extension), right click your new image and select “Run”

This will run the following command

docker run --rm -d -p 3310:3310/tcp docker-clamav:latest

You should now have a running docker container, lets confirm it’s working by attaching a shell.

A terminal windows should open, type the following command into it.


you should see the following..

In the next part we will look at deploying this to a container instance in Azure.


3 thoughts on “Creating an Azure AntiVirus Scanner – Part 1

  1. Hi there,
    I’m trying to run this part, but when I execute “./” I get a message saying freshclam is not running, any idea why that might be?



    1. Not sure sorry, one issue I ran into creating this was to do with the version of clamav. Try downgrading (not the best advice I know but might give you a pointer towards a solution). Let me know if you figure it out, I will have a look at my implementation in the mean time.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.