• ClamAV on CentOS

How to Install ClamAV and Configure Daily Scanning on CentOS

This article will guide you through the installation of ClamAV on CentOS. Once installed, we will also configure a daily scan on our CentOS server.

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats on Linux. In this article, we will only be configuring ClamAV to run scheduled/on-demand scans; not resident scans.

A. Install ClamAV

1. Install EPEL repo

Before we can do proceed, you must ensure that you have the EPEL yum repository enabled. To do this, click here.

2. Install required ClamAV packages

yum install clamav clamd

3. Start the clamd service and set it to auto-start

/etc/init.d/clamd on
chkconfig clamd on
/etc/init.d/clamd start

4. Update ClamAV’s signatures

/usr/bin/freshclam

Note: ClamAV will update automatically, as part of /etc/cron.daily/freshclam.

B. Configure Daily Scan

In this example, we will configure a cronjob to scan the /home/ directory every day:

1. Create cron file:

vim /etc/cron.daily/manual_clamscan

Add the following to the file above. Be sure to change SCAN_DIR to the directory that you want to scan:

#!/bin/bash
SCAN_DIR="/home"
LOG_FILE="/var/log/clamav/manual_clamscan.log"
/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE

Give our cron script executable permissions:

chmod +x /etc/cron.daily/manual_clamscan

You can even run the above script to ensure that it works correctly.

And you’re done! That should be the minimum required to 1. install ClamAV and 2. Perform a daily scan of a specific directory.

Scan to Donate Bitcoin
Like this? Donate Bitcoin to at:
Bitcoin 14M4a7UHEX61VoHkyjj4dxbUBNGGz3hmhM
Donate
Share This Post

About Author: Curtis K

Hi! My name is Curtis, and I am the creator of CentOS Blog. Please feel free to comment any suggestions, feedback or questions on my posts!

  • sarfaraj

    Nice and valuable post Curtis.

  • http://thekavirajan.blogspot.com kavirajan

    useful info thanks a lot.

  • http://thekavirajan.blogspot.com kavirajan

    Very useful

    thekavirajan.blogspot.com

  • http://N/A Tapan Kumar Thapa

    Really valuable post….

    Thanks for this article and keep writing this kind of article.

    Regards
    Tapan Thapa

  • http://www.linuxmintusers.de centosN

    THX!

    But, change
    “/etc/init.d/clamd on”
    to
    “/etc/init.d/clamd start”.

    Wouldn`t i be good to add “/usr/bin/freshclam” to the cron-file before “/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE” ?

    Greetz
    neo67

    • Curtis K

      Hi neo67,

      That’s a good point – it’s always worth updating clamav with freshclam. I’ll be sure to update the post. Thanks for the suggestion!

  • Ed

    If youre only doing daily scans then surely you dont need to run the daemon? I tried it without and it seems to be running fine

  • Mitch

    Nice post, but a bit over my head, sorry for my ignorance.

    Isn’t there an easier way to set up a cron job via filling a cron job task in cPanel’s “Cron Jobs” ?

    Thank you.

  • Dave Haertel

    So, will ClamAV automatically quarantine/heal/delete infected files that it finds when it runs the daily scan? Or does it just write the information to the log file for you to determine what to do with the files?

    • http://metatraderprogramming.com/ CandleFOREX

      ClamAV by default will not automaticially delete/heal etc infected files. This is actually smart because on servers, autodelete of important files can cause major problems.

      If you want to do this you need to configure ClamAV to do auto delete etc use this on the command line:

      clamscan -ri –remove /home

  • Johnny

    Great article, congrats.

    How can i add mulitple directories to this script

  • sreedharan

    will it work without clamd service?

  • http://metatraderprogramming.com/ CandleFOREX

    Curtis,

    If the following error comes up what to do to fix it:

    [root@server]# /etc/init.d/clamd start
    Starting Clam AntiVirus Daemon: ERROR: /var/log/clamav/clamd.log is locked by another process
    ERROR: Can’t initialize the internal logger

    • Gunjan RanjitKar

      sudo /etc/init.d/clamd restart

  • javier

    thanks!!!!!!!!!

  • Pingback: Blocking Malicious File Attachment in CentOS | Some Random Notes

  • Yehoshua Talansky

    when running I get this error
    line 4: /var/log/clamav/manual_clamscan.log: Permission denied
    what should I do

    • Gunjan RanjitKar

      Use root permission

  • Chrs Swinney

    Is there anyway to get this ClamAV and clamd functional in CentOS 7?

  • Pingback: [Linux] Clamav | sunny