How to Install Virus Scanner in cPanel – ClamAV

In this article, we’ll discuss how you can install and configure the ClamAV plugin for cPanel. ClamAV is a popular open-source anti-virus scanner and with the ClamAV plugin, you can allow your cPanel users to scan their e-mails as well as scan their home directories for malicious files.

Getting this installed yourself would require root access on either your VPS (Virtual Private Server) or dedicated server, or you can contact support to have us install the ClamAV anti-virus plugin for you for a $25 installation fee. You can follow the steps below to learn how to install virus scanner in cPanel and scan your site.

Don’t have time to read the full article? Watch our walk-through video.

Install and configure ClamAV plugin in WHM

  1. Log into WHM as the root user.
  2. In the top-left Find box, type in plugins, then click on Manage Plugins.
    Access the Plugin Manager in WHM
  3. Click the Install ClamAV for cPanel button.
    Install ClamAV for cPanel

    The installation process can take a good amount of time, upwards of 10 minutes, so be patient and don’t close the web browser until it completes. When it finishes you’ll see a “ClamAV for cPanel” is now installed message at the bottom of the screen.
    ClamAV is Now Installed
  4. Log out, and then back into WHM as the root user again.
  5. In the top-left search box, type in clamav, then click on Configure ClamAV Scanner.
    Access ClamAV Configuration
  6. Now you can set the global scan permissions you’d like to set. If you’d simply like to allow any cPanel user to scan any of their stuff you can place a check beside Scan Entire Home DirectoryScan MailScan Public FTP Space, and Scan Public Web Space, then click on Save.
    Saving ClamAV Scanner Configuration

Run ClamAV Virus Scan From cPanel

  1. Now login to your cPanel to use the virus scanner.
  2. Under the Advanced section, click on Virus Scanner.
    ClamAV cPanel Virus Scanner
  3. Now to start a new scan, select the type of scan you want, in this example we’re doing Scan Entire Home Directory, then click on Scan Now.
    ClamAV Virus Scanner - Scan Now
  4. After the scan is complete there will be a list of infected files in the Infected Files: section, click OK on the confirmation window that pops up to continue.
  5. In my test, all 3 of the files that were found are coming up for known variants of a PHP mailer or PHP shell, so we can just leave the selections in the Quarantine column to place these files outside of our /public_html directory so they are not still accessible to the outside world. We could also just outright Destroy them, or Ignore them by changing our selection to those columns. Then simply click on Process Cleanup. You should then see the cleanup process complete page.
  6. Now if you use cPanel’s File Manager you can navigate to the newly created quarantine_clamavconnector directory in your home directory to see the quarantined files.

Run ClamAV Scan From Console (SSH)

  1. Login to your server via SSH.
  2. Run the following command to scan the entire /home/userna5/public_html directory:
    clamscan -ri /home/userna5/public_html

    The r flag is for recursive, and the i flag is to only show infected files. You should end up with a listing of any infected files that were found such as:

    /home/userna5/public_html/uploads/mail.php: PHP.Mailer-7 FOUND
    /home/userna5/public_html/uploads/sh.php: PHP.C99-13 FOUND
    /home/userna5/public_html/uploads/view.php: PHP.C99-13 FOUND
    ----------- SCAN SUMMARY -----------
    Known viruses: 1324142
    Engine version: 0.97.6
    Scanned directories: 4979
    Scanned files: 13835
    Infected files: 3
    Data scanned: 583.20 MB
    Data read: 1193.90 MB (ratio 0.49:1)
    Time: 372.032 sec (6 m 12 s)

  3. To see all of the options available to you for the clamscan command append the –help flag.
    clamscan --help

You should now understand how to install and configure the ClamAV plugin for cPanel to help protect your accounts against virus threats.

InMotion Hosting Contributor
InMotion Hosting Contributor Content Writer

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting

9 thoughts on “How to Install Virus Scanner in cPanel – ClamAV

  1. Dear Mr. John, I have isntalled as per your instructioin the clamav on my whm controal panel and then through feature manager i allowed all ther services… 

    In fact, when i go back to my bluehost control panel, I do not find it there…. can you help me please

    Ayub

  2. Hi. I post a comment earlier but it seems like it wasn’t saved. 

    I’m a bit new to cPanel and WHM.  I want to install clamav so I can use it to scan for viruses with my php script. I have this version.

    CENTOS 6.7 x86_64 virtuozzo – vps13703 WHM 11.50.0 (build 30)

    My problem is I that I can’t find the “Manage Plugins” link which I assume was removed. How can I install clamav in this version?

     

     

Was this article helpful? Join the conversation!