ClamAV is an open source (GPL) antivirus engine designed for detecting trojans, viruses, malware and other malicious threats.
To Install ClamAV for Non-cPanel Servers
-
Install EPEL Repo using the command:
rpm -Uvh https://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
This will create an EPEL Repo file /etc/yum.repos.d/epel.repo.
-
Install required ClamAV packages.
yum install clamav clamd
-
Start the clamd service and set it to auto-start.
/etc/init.d/clamd on
chkconfig clamd on
/etc/init.d/clamd start
-
Update ClamAV signatures using the command:
/usr/bin/freshclam
Now, you can configure daily scan as given below:
-
Create a cron file using the command
vim /etc/cron.daily/manual_clamscan
-
Add the following lines in the file /etc/cron.daily/manual_clamscan:
#!/bin/bash
SCAN_DIR=”/home”
LOG_FILE=”/var/log/clamav/manual_clamscan.log”
/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILENoteYou need to change SCAN_DIR to the directory that you want to scan.
-
Set executable permission for the cron script using the command:
chmod +x /etc/cron.daily/manual_clamscan
To Install ClamAV for cPanel Servers
-
Login to your WHM panel as the root user.
-
Click the cPanel icon.
-
Select Manage Plugins. This will bring up a list of additional cPanel modules.
-
Select the checkbox next to ClamAV Install and Keep Updated.
-
Submit the settings by clicking Save.
Listed below are some important options for Clamscan:
-
-h, –help: Print help information and exit
-
-v, –verbose: Be verbose
-
-l FILE, –log=FILE: Save scan report to FILE
-
-f FILE, –file-list=FILE: Scan files listed line by line in FILE
-
-r, –recursive: Scan directories recursively. All the subdirectories in the given directory will be scanned. These options can be used multiple times.
-
-i: Print infected files
-
–remove[=yes/no(*)]: Remove infected files
-
–move=DIRECTORY: Move infected files into DIRECTORY. Directory must be writeable for the user or unprivileged user running clamscan.
-
–copy=DIRECTORY: Copy infected files into DIRECTORY. Directory must be writeable for the user or unprivileged user running clamscan.