Clam AntiVirus (ClamAV) is an antivirus software toolkit. It is supported by cPanel and you can install ClamAV from WHM. It can be used to check viruses in mails and in the website content.
It is licensed under the GNU and is free for all to use. It can detect numerous malicious software and viruses. Because of the low vulnerability of Unix systems to viruses, ClamAV has established itself as the standard for mail server gateway scanning of emails.
Third party versions of ClamAV are available for platforms such as AIX, BSD, HP-UX, Linux, Mac OS X, OpenVMS, OSF and Solaris. ClamAV build version 0.96 can run on Microsoft Windows as well. The latest version is 0.97.
ClamAV: Prominent Utilities
The most prominent utilities of ClamAV are mentioned below:
- Command-line scanning,
- Automatic database update, and
- Scalable multi-threaded daemon, which runs on an anti-virus engine from a shared library
Check the ” Install and keep updated” Box against the ClamAV and click Save at the bottom.
Once you have enabled and configured ClamAV, we recommend that you create a root cronjob to run daily during off-peak hours. The cronjob should run the following command:
for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections&
This command will sweep iframe injections across your /home/$user
directories and detect spam mail. You can go through them and ignore the false positives.
Using ClamAV
Once installed, you will be able to see an icon in the WHM -> Plugin area for the ClamAV and we can perform a scan of the server from that web interface. You can use the ” User Configuration area to select users to scan.
Update Virus Definitions.
ClamAV keeps its own local database which need to be updated as new and new viruses and malwares are appearing daily. When ClamAV installs, it adds a cron job to update the virus definitions.. If you need to do it manually, you need to login to SSH to the server and run this command.
/usr/bin/freshclam
Eventhough clam is good in finding the viruses in mails and uploaded files, some times, it fails to detects code injections and some malware which injected to your htmls and .js files due to the code vulnerabilities. You always need to be on top of your codes and the account so that your files will be free from viruses.