Clam AntiVirus (ClamAV) is an antivirus software toolkit that is standard on new cPanel & WHM installations. The scanner searches your server for malicious programs. If it identifies a potential security threat, it will flag the file to allow you to take the appropriate action.
Important: After you configure ClamAV Scanner, we recommend that you create a root cron job that will run daily during off-peak hours.
To install or uninstall ClamAV Scanner, use the Manage Plugins interface in WHM (Home >> cPanel >> Manage Plugins).
To configure ClamAV Scanner:
home
directory on your server.Important: You must perform additional steps if you wish to integrate ClamAV Scanner with Exim.
If you wish to override the ClamAV Scanner configuration for specific users, click User Configuration. The User Configuration interface also allows you to set override defaults for all new "configured users."
Before you can configure a user's ClamAV Scanner settings, that user must appear on the Configured Users menu.
To add a user to the Configured Users menu:
To remove a user from the Configured Users menu:
Note: After you remove a user from the Configured Users menu, ClamAV Scanner will use the main configuration to scan that user's portion of the server.
ClamAV Scanner applies the settings that you specify under the Defaults header to all new configured users.
To set the default settings for new configured users:
home
directory.
To configure ClamAV Scanner for an individual user:
home
directory.
Important: You must perform these additional steps if you wish to integrate ClamAV Scanner with Exim.
To configure ClamAV Scanner for Exim:
If you prefer to use the command line interface to run ClamAV, the binaries are located in the /usr/local/cpanel/3rdparty/bin/
directory:
/usr/local/cpanel/3rdparty/bin/clamscan /usr/local/cpanel/3rdparty/bin/freshclam
Note: If you have scripts that expect ClamAV binaries in the /usr/local/bin directory, you can create symbolic links with the following:
ln -s /usr/local/cpanel/3rdparty/bin/clamscan /usr/local/bin/clamscan ln -s /usr/local/cpanel/3rdparty/bin/freshclam /usr/local/bin/freshclam
After you configure ClamAV Scanner, we recommend that you create a root
cronjob that will run daily during off-peak hours. The cronjob should run the following command:
for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections&
This command recursively searches the home
directory for spam and infected files.