Using ClamAV or an external API, secure file upload and virus scanning in ASP.NET Core + Angular

Because of this, incorporating virus detection throughout the file upload procedure is now required rather than optional. Using Angular (frontend) and ASP.NET Core (backend), we'll examine how to create a secure file upload system that uses ClamAV or an external antivirus scanning API to identify threats prior to file storage.

File uploads are a frequent function in contemporary web applications, whether they be for product photos, personnel paperwork, or bills. However, there is a security risk associated with every file upload. Your entire system can be compromised by a single malicious file.

Why File Scanning Matters?

Malicious users often upload:

Executable files disguised as PDFs or images
Files containing embedded malware or scripts
Corrupted data that crashes backend processing

If these files are stored unchecked, they can cause:

System compromise
Data corruption
Application downtime

By integrating ClamAV or a cloud-based virus scanning API, you ensure each file is verified before it reaches your database or file server.

System Architecture

Here’s how the process works step by step:

Angular File Upload Component
        │
        ▼
ASP.NET Core File Upload API
        │
        ▼
Virus Scanner (ClamAV / External API)
        │
        ├── Clean → Store File (Database / Cloud / File System)
        └── Infected → Reject File & Log Event

Core Components

Angular Frontend: Captures and uploads files.
ASP.NET Core API: Receives and streams the file securely.
ClamAV (or API): Scans uploaded files in real-time.
Storage Layer: Saves only clean files to disk or cloud.

Step 1: File Upload in Angular

A simple Angular component for file upload:

@Component({
  selector: 'app-file-upload',
  template: `
    <h3>Upload File</h3>
    <input type="file" (change)="onFileSelected($event)" />
  `
})
export class FileUploadComponent {
  constructor(private http: HttpClient) {}

  onFileSelected(event: any) {
    const file = event.target.files[0];
    if (file) {
      const formData = new FormData();
      formData.append('file', file);
      this.http.post('https://yourapi.com/api/files/upload', formData)
        .subscribe({
          next: res => alert('File uploaded successfully!'),
          error: err => alert('Upload failed: ' + err.message)
        });
    }
  }
}

Step 2: File Upload API in ASP.NET Core

Create a secure upload endpoint that temporarily stores and scans the file.

[ApiController]
[Route("api/files")]
public class FileUploadController : ControllerBase
{
    private readonly IVirusScannerService _virusScanner;

    public FileUploadController(IVirusScannerService virusScanner)
    {
        _virusScanner = virusScanner;
    }

    [HttpPost("upload")]
    public async Task<IActionResult> UploadFile(IFormFile file)
    {
        if (file == null || file.Length == 0)
            return BadRequest("Invalid file");

        var tempPath = Path.Combine(Path.GetTempPath(), file.FileName);
        using (var stream = new FileStream(tempPath, FileMode.Create))
        {
            await file.CopyToAsync(stream);
        }

        var isClean = await _virusScanner.ScanFileAsync(tempPath);

        if (!isClean)
        {
            System.IO.File.Delete(tempPath);
            return BadRequest("Virus detected! Upload rejected.");
        }

        // Move to permanent storage
        var finalPath = Path.Combine("C:\\Uploads", file.FileName);
        System.IO.File.Move(tempPath, finalPath);

        return Ok("File uploaded and scanned successfully.");
    }
}

Step 3: Implementing Virus Scanning Service

Option 1: Using ClamAV (Local or Docker Instance)

ClamAV can run as a daemon (clamd) or via TCP.
Here’s an example using TCP scanning:

public class ClamAVVirusScanner : IVirusScannerService
{
    private readonly string _clamAVServer;
    private readonly int _clamAVPort;

    public ClamAVVirusScanner(IConfiguration config)
    {
        _clamAVServer = config["ClamAV:Server"];
        _clamAVPort = int.Parse(config["ClamAV:Port"]);
    }

    public async Task<bool> ScanFileAsync(string filePath)
    {
        using (var client = new TcpClient(_clamAVServer, _clamAVPort))
        using (var stream = client.GetStream())
        {
            var fileData = await File.ReadAllBytesAsync(filePath);
            var command = Encoding.UTF8.GetBytes("zINSTREAM\0");
            await stream.WriteAsync(command, 0, command.Length);
            await stream.WriteAsync(fileData, 0, fileData.Length);

            // End of stream
            await stream.WriteAsync(new byte[] { 0, 0, 0, 0 });

            byte[] responseBuffer = new byte[1024];
            int bytesRead = await stream.ReadAsync(responseBuffer);
            var response = Encoding.UTF8.GetString(responseBuffer, 0, bytesRead);

            return !response.Contains("FOUND");
        }
    }
}

Option 2: Using External Virus Scanning API

If you prefer cloud scanning (no setup required), you can use services like:

VirusTotal API
Cloudmersive Virus Scan
Metadefender API

Example (VirusTotal)

public async Task<bool> ScanWithVirusTotalAsync(string filePath)
{
    using var http = new HttpClient();
    using var form = new MultipartFormDataContent();
    form.Add(new ByteArrayContent(await File.ReadAllBytesAsync(filePath)), "file", Path.GetFileName(filePath));

    http.DefaultRequestHeaders.Add("x-apikey", "YOUR_API_KEY");
    var response = await http.PostAsync("https://www.virustotal.com/api/v3/files", form);
    var content = await response.Content.ReadAsStringAsync();

    return !content.Contains("\"malicious\"");
}

Step 4: Security Best Practices

Always validate file type before upload.
Set max upload size in ASP.NET Core configuration.
Use random filenames to prevent path traversal.
Never execute or render uploaded files directly.
Log scan results and notify admins of any infected uploads.

Flowchart: File Upload + Virus Scanning Workflow

User Uploads File (Angular)
        │
        ▼
ASP.NET Core API Receives File
        │
        ▼
Temporary Storage (File System / Memory)
        │
        ▼
Virus Scanning (ClamAV or External API)
        │
        ├── Clean → Move to Final Storage
        └── Infected → Delete File + Log Event

Advanced Enhancements

Asynchronous Scan Queue: Use background jobs to scan large files in parallel.
Cloud Integration: Upload to Azure Blob or AWS S3 after scan.
Dashboard View: Show scan history and infection statistics.
Alerting System: Notify admin via email or Teams on detection.

Conclusion

A robust file upload pipeline with virus scanning not only improves security but also builds user trust.
By combining Angular, ASP.NET Core, and ClamAV (or any external API), you can easily implement a real-time scanning layer that keeps your ERP, CMS, or document portal safe from threats without compromising user experience. Security doesn’t have to slow you down — it can be seamlessly built into your system.

Best ASP.NET Core 10.0 Hosting Recommendation

One of the most important things when choosing a good ASP.NET Core 8.0 hosting is the feature and reliability. HostForLIFE is the leading provider of Windows hosting and affordable ASP.NET Core, their servers are optimized for PHP web applications. The performance and the uptime of the hosting service are excellent and the features of the web hosting plan are even greater than what many hosting providers ask you to pay for.

At HostForLIFE.eu, customers can also experience fast ASP.NET Core hosting. The company invested a lot of money to ensure the best and fastest performance of the datacenters, servers, network and other facilities. Its datacenters are equipped with the top equipments like cooling system, fire detection, high speed Internet connection, and so on. That is why HostForLIFEASP.NET guarantees 99.9% uptime for ASP.NET Core. And the engineers do regular maintenance and monitoring works to assure its Orchard hosting are security and always up.