Clam AntiVirus (ClamAV) is an antivirus software toolkit. It is supported by cPanel and you can install it from WHM. To install ClamAV, login to WHM Main >> Plugins >> Configure ClamAV Scanner.
To enable ClamAV Scanner:
- Select the check boxes corresponding to ClamAV.
- Click Save.
Once you have enabled and configured ClamAV, we recommend that you create a root cronjob to run daily during off-peak hours. The cronjob should run the following command:
for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections&
This command will sweep iframe injections across your /home/$user directories and detect spam mail. You can go through them and ignore the false positives.
Update Virus Definitions
ClamAV keeps its own local database which need to be updated as new and new viruses and malwares are appearing daily. When ClamAV installs, it adds a cron job to update the virus definitions.. If you need to do it manually, you need to login to SSH to the server and run this command.
/usr/bin/freshclam
Eventhough clam is good in finding the viruses in mails and uploaded files, some times, it fails to detects code injections and some malware which injected to your htmls and .js files due to the code vulnerabilities. You always need to be on top of your codes and the account so that your files will be free from viruses.
