Drupal is a registered trademark of Dries Buytaert
Protected Pages 3.0.0 Major update available for module protected_pages (3.0.0). Commerce Core 3.3.8 Minor update available for module commerce (3.3.8). Layout Builder Reorder 2.0.1 Minor update available for module layout_builder_reorder (2.0.1). Ban 1.1.0 Minor update available for module ban (1.1.0). Field Formatter Range 2.0.0 Major update available for module field_formatter_range (2.0.0). Field Formatter Range 8.x-1.8 Minor update available for module field_formatter_range (8.x-1.8). UI Patterns (SDC in Drupal UI) 2.0.18 Minor update available for module ui_patterns (2.0.18). Varbase FAQs 9.2.1 Minor update available for module varbase_faqs (9.2.1). Search API Solr 4.3.11 Module search_api_solr updated after 14 months of inactivity (4.3.11). Provus Mega Menu Module provus_mega_menu crossed 1,000 active installs.

XSS File Scan

63 sites Security covered
View on drupal.org

This module scans uploaded files for malicious content using administrator-defined patterns and regular expressions. It can block suspicious uploads, log events, display user-friendly error messages, and send email notifications to prevent harmful files from being saved.

xss_file_scan is a Drupal contrib module that scans uploaded files for potentially malicious content using administrator-defined patterns. It integrates with Drupal’s validation and configuration systems to block, log, and report suspicious uploads before they are saved.

Features

Pattern-based file scanning using configurable regular expressions.
Validation constraint attached to file uploads (including media/file fields).
Flexible actions per detection: block upload, log event, show user-friendly error.
Optional email notifications to one or more recipients.
Per-language error messages for localized feedback.
Central configuration form under the admin “Configuration → System” section.

Post-Installation

Enable the xss_file_scan module via Extend (/admin/modules) or Drush.
Go to the settings page (Configuration → System → XSS file scan) and:
Define one or more detection patterns (regular expressions).
Choose whether to block uploads, log events, show error messages, and/or send email.
Configure notification recipients and per-language error messages.
Test by uploading a file containing a known test pattern to verify behavior (block/log/email).

Additional Requirements

A working mail system in Drupal (core mail or a mail backend module) to send email notifications.
Access to the Drupal log (Database Logging or syslog) to review logged scan results.
PHP PCRE support (regular expressions) for pattern matching, which is standard in typical PHP setups.

Database Logging (dblog) or a logging backend (e.g., syslog) for easier monitoring of detected events.
A mail backend module if you need advanced delivery options or external mail services.
Security-oriented modules (e.g., Security Review, file antivirus modules) to complement pattern-based scanning.

Supporting this Module

Report bugs, feature requests, and edge cases via the project’s issue queue.
Contribute patches or merge requests to improve scanning logic, UX, or performance.
Share real-world patterns and configuration examples that help other site builders.
Sponsor development or documentation if you rely on the module in critical environments.

Community Documentation

See the module’s README file and in-code documentation for configuration details and examples.
Follow best-practice guides for secure file uploads in Drupal and adapt your patterns accordingly.
When you develop custom integrations or recipes, consider sharing them as community documentation or issue queue notes so others can benefit.

Activity

Total releases
2
First release
Mar 2026
Latest release
4 months ago
Releases (12 mo)
2 ▲ from 0
Maintenance
Active

Releases

Version Type Release date
1.0.1 Stable Mar 3, 2026
1.0.0 Stable Mar 2, 2026