The problem
Files are accepted into storage before malware checks happen, leaving unsafe bytes in permanent buckets.
MobyTechy provides a server-to-server malware scanning service for websites, dashboards, portals, and client projects that need ClamAV-backed file checks before uploads become permanent.
Service blueprint
Next.js
React
TypeScript
Files are accepted into storage before malware checks happen, leaving unsafe bytes in permanent buckets.
Server-to-server raw-byte scanning API backed by private ClamAV infrastructure.
Risky uploads can be blocked before they reach permanent public or private storage.
Overview
MobyTechy provides a server-to-server malware scanning service for websites, dashboards, portals, and client projects that need ClamAV-backed file checks before uploads become permanent.
The work focuses on clear user journeys, dependable implementation, search and analytics foundations, and a launch plan that can improve once real usage data appears.
The service scans file bytes from a trusted backend before permanent storage. Scan credentials stay out of browsers and mobile apps, and storage is approved only when the response is clean with allow=true.
MobyTechy-built projects that accept customer, employee, support, finance, legal, or media uploads.
Client backends that need a reusable file-scanning gate before writing to their own storage.
Teams that cannot safely put scanner credentials in browsers, mobile apps, or distributed client software.
Projects that need clear scan results, per-environment credentials, quotas, and operational evidence.
Files are accepted into storage before malware checks happen, leaving unsafe bytes in permanent buckets.
Upload flows rely on ad hoc validation without a consistent clean-or-block decision.
Scanner credentials or upload trust boundaries are unclear across websites, apps, and client projects.
Teams need a reusable capability instead of rebuilding file-scanning logic for every project.
Key Capabilities
Server-to-server raw-byte scanning API backed by private ClamAV infrastructure.
Per-project and per-environment tenants, credentials, quotas, file-size policy, and rotation support.
Fail-closed response handling where only decision clean and allow true can approve storage.
Integration guidance for Bun/TypeScript backends and protocol-neutral HTTP consumers.
Operational setup for health checks, audit events, usage tracking, alerts, and staging certification.
Risky uploads can be blocked before they reach permanent public or private storage.
New MobyTechy projects can reuse the same scanning pattern instead of custom one-off logic.
Client projects get a clearer security boundary with server-only credentials and auditable decisions.
Identify upload paths, file categories, maximum sizes, MIME policy, storage behavior, and the owner for each consuming project.
Create environment-specific tenants and credentials, set quotas, and deliver secrets only through protected server-side configuration.
Connect the trusted backend to the scanner before permanent storage and bind approval to the exact checksum and byte length.
Run clean, EICAR, scanner-unavailable, timeout, revoked-key, size-limit, and rotation checks before enforcement.
Monitor health, signatures, usage, failures, alerts, retention, credential expiry, and recurring recertification.
No. The scanner is designed for trusted server-to-server use only. Credentials must stay in backend environments or protected secret managers.
The synchronous API scans streamed bytes and returns a decision. It does not accept customer buckets, object keys, public URLs, or permanent storage instructions.
Only the exact pair decision clean and allow true should approve storage. Infected, rejected, timeout, unavailable, malformed, rate-limited, and unknown outcomes must deny storage.