Can you Virus Scan a Linux web server? Well, with our Apache/PHP/MySql CentOS web server using WHM and cPanel had a plugin, installable for this purpose, and called ClamAV Scanner. So, we can!
How do you find out about this on your cPanel system? Try searching for “plugin” and see whether …
- perhaps ClamAV is already installed and you’ll see it listed there as “Configure ClamAV Scanner” … or …
- use the Manage Plugins option to install this excellent product
In the early days of virus scanning products, it was just a case of scanning hard disks and removable disks, but, of course, these days, a good virus scan would scan through email, as well, looking for virus signatures, that can be flagged to the administrator for attention, or not, as something that needs to be deleted or quarantined. ClamAV certainly fitted the bill for all this.
ClamAV Scanner can be scheduled via crontab to run at an administrator chosen time, and we find this approach useful here at the rjmprogramming.com.au domain.
Once installed and initially configured these scheduled scans can be reconfigured for any/all of …
- Scan Entire Home Directory
- Scan Mail
- Scan Public FTP Space
- Scan Public Web Space
… as shown with today’s tutorial picture.
We’ve set up a crontab Saturday scan of whatever is selected in the list above …
5 1 * * 6 for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections&
… and should you see an issue in the /root/infections file-in-first-column listing, you can delete the file via Korn shell script such as …
#!/bin/ksh
if [ -s "/root/infections" ]; then
rm -f `cat /root/infections | cut -d':' -f1`
fi
exit
If this was interesting you may be interested in this too.