Manually run ClamAV on cPanel and check every user

Rob —  August 29, 2013 — Leave a comment

If you’re running WHM/cpanel and want to run a scan on every user manually, perhaps when first installing ClamAV, you’ll want to run this command which is endorsed by cPanel themselves.

To enable ClamAV, you’ll want to enter WHM –> Configure ClamAV Scanner and select the check boxes for the type of scan you want to do.

Once that’s done, you can run it with this command:

Once its running, you can tail the /root/infections log file to see what it finds. You’ll start to see scan results as it finishes each user’s home directory.

You can then set up a root cron job to have it run during off hours. The example below will fire it off at 2am every night.

(ssh into the server and become root)

NOTE: this will just tell you about the infections it finds. You have two options if you’d like to deal with them during the scan:

Remove them (careful, this will delete the file forever.. if it’s a false positive, then you’re SOL).

Move them to a different folder:

Related posts from Linux Brigade!

  • Understanding cron job timesUnderstanding cron job times Often, you’ll want to use cron to schedule daily, weekly, hourly (etc…) tasks on your linux system(s). cPanel has a little GUI for it, but since I don’t trust GUIs very often, I like […]
  • Change main hostname and IP of WHM/cPanel machineChange main hostname and IP of WHM/cPanel machine One thing you’ll probably run into sometime is changing the hostname and IP address of a cPanel machine.. whether you’re cloning it for a quick start or if you’ve taken it over.. moving it […]
  • cPanel / CSF: Fix 500 internal server error or 404 for the CSF GUI I’ve run into this a couple times – where I’ll spin up a CentOS/cPanel machine, then run a cpupdate (/scripts/upcp) to get cpanel up to date.  I’ll then go into the configserver firewall […]
  • Block Countries using mod_geoip in cPanel Yesterday, I wrote an article on how to block certain countries from your server using csf. This will block them from accessing your server on any port. You can, however use mod_geoip if […]
  • Block account from sending mail WHM/cPanelBlock account from sending mail WHM/cPanel There may come a time when you’d like to block an account / domain on your WHM/cPanel server from being able to send mail. Here’s how you’d get it done!

    We’re going to set up a […]

No Comments

Be the first to start the conversation.

Leave a Reply

Text formatting is available via select HTML.

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">