Secure file uploads with redux-plupload, ClamAV and S3

We have recently added a new feature that allows a user to upload a file from our webpage. We implemented this using redux-plupload, ClamAV and S3 to satisfy the following requirements: the file should be uploaded from the client to avoid excessive memory use on the server while streaming files. the upload must be secure and the file must be stored securely (and ideally encrypted at rest). the file should be virus free so that it can be downloaded without worry.


The things we trust to github

One of the issues of using public GitHub is that, well, it’s public. Even with the layers of security, it’s all your information ‘out there’. Somewhere. However, it is a fact of life that we all use GitHub and many large and small companies choose the hosted GitHub option over hosting an in-house, expensive GitHub Enterprise environment. The problem is that developers and operations folks sometimes push things into GitHub without thinking.