ClamAV is a popular open source anti-virus scanner available for Unix, Windows, and macOS. ClamAV can quarantine or delete infected archived files, emails, websites, and more. ClamAV is also available as a cPanel plugin.
Develop your web applications on Debian, Ubuntu, or CentOS with our scalable Cloud Servers.
Install ClamAV with APT
You may have to use
sudo before each command if you’re not already logged in as root (e.g.
sudo apt-get update)
Installing ClamAV is easy with the Ubuntu APT package.
- Update your package lists:
- Install ClamAV:
apt-get install clamav clamav-daemon -y
Update ClamAV Signature Database
After you finish installing ClamAV, ensure your ClamAV virus signatures are up to date.
- Stop the ClamAV process:
systemctl stop clamav-freshclam
- Manually update the ClamAV signature database:
- Restart the service to update the database in the background:
systemctl start clamav-freshclam
Below are the most common scanning options.
Scan all files, starting from the current directory:
clamscan -r /
Scan files but only show infected files:
clamscan -r -i /[path-to-folder]
Scan files but don’t show
clamscan -r -o /[path-to-folder]
Scan files and send results of infected files to a results file:
clamscan -r /[path-to-folder] | grep FOUND >> /[path-folder]/[file].txt
Scan files and move infected files to a different directory:
clamscan -r --move=/[path-to-folder] /[path-to-quarantine-folder]
You can also create a cron job to run ClamAV scans automatically.
To learn more about clamscan options, check the manual:
Those running a GUI on Linux can also install ClamTK.
Looking for other ways to improve your server security posture. See if Sucuri’s web application firewall (WAF) is right for you.