Using Cloudmersive Security API with PHP to Scan Executable Files and Prevent Threats
This guide explains how to install the Cloudmersive Security SDK, obtain a free API key, and use PHP code to configure advanced scanning options—such as disabling executable detection and customizing threat rules—to safely analyze files for malware, scripts, encrypted content, macros, and other security risks.
Executable files normally run programs, but they can be abused for malicious actions such as remote code execution, so downloads should be treated cautiously and only obtained from trusted sources.
The following PHP code demonstrates how to use a free Cloudmersive Security API to perform dual‑layer protection: one scan identifies potential malware, and another validates the file format to reveal executable threats.
By setting request variables in the API call, you can create custom threat rules for unwanted but verified file types, further enhancing monitoring and defense.
First, install the Cloudmersive SDK via Composer with the command: composer require cloudmersive/cloudmersive_security_api_client .
Obtain a free Cloudmersive API key, which allows up to 800 file scans per month at no cost.
In the request, set the allow_executables parameter to "false" so the API will not execute detected executables, and set CleanResult to "false" as well.
<?php
require_once(__DIR__ . '/vendor/autoload.php');
// Configure API key authorization: Apikey
$config = Swagger\Client\Configuration::getDefaultConfiguration()->setApiKey('Apikey', 'YOUR_API_KEY');
$apiInstance = new Swagger\Client\Api\ScanApi(
new GuzzleHttp\Client(),
$config
);
$input_file = "/path/to/inputfile"; // \SplFileObject | file to be scanned
$allow_executables = true; // set to false to block executables (recommended default false)
$allow_invalid_files = true; // set to false to block invalid files (recommended default false)
$allow_scripts = true; // set to false to block script files (recommended default false)
$allow_password_protected_files = true; // set to false to block password‑protected files (recommended default false)
$allow_macros = true; // set to false to block embedded macros (recommended default false)
$allow_xml_external_entities = true; // set to false to block XML external entities (recommended default false)
$allow_insecure_deserialization = true; // set to false to block insecure deserialization (recommended default false)
$allow_html = true; // set to false to block HTML input (recommended default false) [default true for older API keys]
$restrict_file_types = "restrict_file_types_example"; // comma‑separated list of allowed file extensions, e.g., .pdf,.docx,.png
try {
$result = $apiInstance->scanFileAdvanced($input_file, $allow_executables, $allow_invalid_files, $allow_scripts, $allow_password_protected_files, $allow_macros, $allow_xml_external_entities, $allow_insecure_deserialization, $allow_html, $restrict_file_types);
print_r($result);
} catch (Exception $e) {
echo 'Exception when calling ScanApi->scanFileAdvanced: ', $e->getMessage(), PHP_EOL;
}
?>Beyond executables, you can configure rules for scripts, encrypted files, macros, and other threats; the underlying security service uses signature scanning and predictive threat detection to identify millions of viruses and malware.
Thus, with just a few lines of PHP, you can perform advanced threat scanning, accurately detecting hidden executable risks.
php中文网 Courses
php中文网's platform for the latest courses and technical articles, helping PHP learners advance quickly.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.