Install clamav on cpanel server
Install clamav on cpanel server
Clamscan is an antivirus program, you can install it on your cPanel server to scan vulnerabilities. You can simply enable the clamscan plugin via WHM.
Go to WHM >> Manage plugins >> Click on Install ClamAV for cPanel
How to install clamAV on backend
/scripts/ensurerpm gmp gmp-devel bzip2-devel
Need to add the clamav user and group
useradd clamav groupadd clamav
Change the user and group ownership
mkdir /usr/local/share/clamav chown clamav. /usr/local/share/clamav
You can download the latest ClamAv from the following official website
http://www.clamav.net/
wget http://www.clamav.net/downloads/production/clamav-0.99.tar.gz tar -xvzf clamav-0.99.tar.gz cd clamav-0.99 ./configure --disable-zlib-vcheck make make install
Move the sample configuration file to /usr/local/etc/freshclam.conf
mv -fv /usr/local/etc/freshclam.conf.sample /usr/local/etc/freshclam.conf
Comment out “Example” line in /usr/local/etc/freshclam.conf
Change the “LocalSocket” to /tmp/clamd in /usr/local/etc/clamd.conf
Run ldconfig to create the necessary links and cache to the most recent shared libraries
ldconfig freshclam
Init script for CentOS/CloudLinux upto/including version 6.x
curl https://download.configserver.com/clamd -o /etc/init.d/clamd chown root:root /etc/init.d/clamd chmod +x /etc/init.d/clamd chkconfig clamd on service clamd restart
Init script for CentOS/CloudLinux version 7.x
rm -fv /etc/init.d/clamd curl https://download.configserver.com/clamd.service -o /usr/lib/systemd/system/clamd.service systemctl daemon-reload systemctl enable clamd.service systemctl restart clamd.service
Add service to /etc/chkserv.d/clamav
cat /etc/chkserv.d/clamav service[clamav]=x,x,x,service clamd restart,clamd,root
Creating log files for ClamAV updates
touch /var/log/clam-update.log chown clamav:clamav /var/log/clam-update.log
Add ClamAV to chkservd
cat /etc/chkserv.d/chkservd.conf | grep clamav clamav:1
Try it on your cPanel server. Once clamAV is installed, you can directly scan for vulnerabilities using plugin, but it’s always better to scan the account or server via backend.
To scan a specific account
location /home/adminbirds ( cPanel account adminbirds )
scan command
clamscan -ir /home/adminbirds
I recommend you to put the scan in a screen, just create a screen and store the output in a file. If screen command is not installed
yum install screen
To create a screen
screen -S adminbirds
clamscan -ir /home/adminbirds > /home/adminbirds/scan_admin.txt
Your scan result will be stored in the file scan_admin.txt