Install ClamAV and set up scheduled scans.<\/p>\n
Install Epel:<\/p>\n
\n# yum install epel-release\n<\/pre>\nInstall ClmAV<\/p>\n
\n# yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd\nLoaded plugins: fastestmirror\nLoading mirror speeds from cached hostfile\n * base: mirror.lax.hugeserver.com\n * epel: dl.fedoraproject.org\n * extras: dallas.tx.mirror.xygenhosting.com\n * updates: linux.mirrors.es.net\nPackage clamav-data-0.98.7-1.el7.noarch already installed and latest version\nPackage clamav-filesystem-0.98.7-1.el7.noarch already installed and latest version\nPackage clamav-lib-0.98.7-1.el7.x86_64 already installed and latest version\nResolving Dependencies\n--> Running transaction check\n---> Package clamav.x86_64 0:0.98.7-1.el7 will be installed\n---> Package clamav-devel.x86_64 0:0.98.7-1.el7 will be installed\n---> Package clamav-scanner-systemd.noarch 0:0.98.7-1.el7 will be installed\n--> Processing Dependency: clamav-scanner = 0.98.7-1.el7 for package: clamav-scanner-systemd-0.98.7-1.el7.noarch\n---> Package clamav-server.x86_64 0:0.98.7-1.el7 will be installed\n--> Processing Dependency: nc for package: clamav-server-0.98.7-1.el7.x86_64\n---> Package clamav-server-systemd.noarch 0:0.98.7-1.el7 will be installed\n---> Package clamav-update.x86_64 0:0.98.7-1.el7 will be installed\n--> Running transaction check\n---> Package clamav-scanner.noarch 0:0.98.7-1.el7 will be installed\n---> Package nmap-ncat.x86_64 2:6.40-7.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n===================================================================================================================================================================================================\n Package Arch Version Repository Size\n===================================================================================================================================================================================================\nInstalling:\n clamav x86_64 0.98.7-1.el7 epel 806 k\n clamav-devel x86_64 0.98.7-1.el7 epel 37 k\n clamav-scanner-systemd noarch 0.98.7-1.el7 epel 19 k\n clamav-server x86_64 0.98.7-1.el7 epel 93 k\n clamav-server-systemd noarch 0.98.7-1.el7 epel 19 k\n clamav-update x86_64 0.98.7-1.el7 epel 89 k\nInstalling for dependencies:\n clamav-scanner noarch 0.98.7-1.el7 epel 26 k\n nmap-ncat x86_64 2:6.40-7.el7 base 201 k\n\nTransaction Summary\n===================================================================================================================================================================================================\nInstall 6 Packages (+2 Dependent packages)\n\nTotal download size: 1.3 M\nInstalled size: 3.0 M\nIs this ok [y\/d\/N]: y\nDownloading packages:\n(1\/8): clamav-0.98.7-1.el7.x86_64.rpm | 806 kB 00:00:00\n(2\/8): clamav-devel-0.98.7-1.el7.x86_64.rpm | 37 kB 00:00:00\n(3\/8): clamav-scanner-0.98.7-1.el7.noarch.rpm | 26 kB 00:00:00\n(4\/8): clamav-scanner-systemd-0.98.7-1.el7.noarch.rpm | 19 kB 00:00:00\n(5\/8): clamav-server-0.98.7-1.el7.x86_64.rpm | 93 kB 00:00:00\n(6\/8): clamav-server-systemd-0.98.7-1.el7.noarch.rpm | 19 kB 00:00:00\n(7\/8): clamav-update-0.98.7-1.el7.x86_64.rpm | 89 kB 00:00:00\n(8\/8): nmap-ncat-6.40-7.el7.x86_64.rpm | 201 kB 00:00:00\n---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\nTotal 1.3 MB\/s | 1.3 MB 00:00:00\nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : 2:nmap-ncat-6.40-7.el7.x86_64 1\/8\n Installing : clamav-server-0.98.7-1.el7.x86_64 2\/8\n Installing : clamav-server-systemd-0.98.7-1.el7.noarch 3\/8\n Installing : clamav-scanner-0.98.7-1.el7.noarch 4\/8\n Installing : clamav-scanner-systemd-0.98.7-1.el7.noarch 5\/8\n Installing : clamav-0.98.7-1.el7.x86_64 6\/8\n Installing : clamav-update-0.98.7-1.el7.x86_64 7\/8\n Installing : clamav-devel-0.98.7-1.el7.x86_64 8\/8\n Verifying : clamav-scanner-systemd-0.98.7-1.el7.noarch 1\/8\n Verifying : clamav-server-0.98.7-1.el7.x86_64 2\/8\n Verifying : clamav-scanner-0.98.7-1.el7.noarch 3\/8\n Verifying : clamav-devel-0.98.7-1.el7.x86_64 4\/8\n Verifying : clamav-server-systemd-0.98.7-1.el7.noarch 5\/8\n Verifying : clamav-update-0.98.7-1.el7.x86_64 6\/8\n Verifying : 2:nmap-ncat-6.40-7.el7.x86_64 7\/8\n Verifying : clamav-0.98.7-1.el7.x86_64 8\/8\n\nInstalled:\n clamav.x86_64 0:0.98.7-1.el7 clamav-devel.x86_64 0:0.98.7-1.el7 clamav-scanner-systemd.noarch 0:0.98.7-1.el7 clamav-server.x86_64 0:0.98.7-1.el7\n clamav-server-systemd.noarch 0:0.98.7-1.el7 clamav-update.x86_64 0:0.98.7-1.el7\n\nDependency Installed:\n clamav-scanner.noarch 0:0.98.7-1.el7 nmap-ncat.x86_64 2:6.40-7.el7\n\nComplete!\n\n<\/pre>\nCopy a the clamd.conf template, in case you don\u2019t have a configuration file yet:<\/p>\n
\n# cp \/usr\/share\/clamav\/template\/clamd.conf \/etc\/clamd.d\/clamd.conf\n<\/pre>\nChange the file and Comment out “Example”<\/p>\n
\n# nano \/etc\/clamd.d\/clamd.conf\n<\/pre>\nChange this…<\/p>\n
\n# Comment or remove the line below.\nExample\n<\/pre>\nTo this…<\/p>\n
\n# Comment or remove the line below.\n#Example\n<\/pre>\nConfigure SELinux for ClamAV.<\/p>\n
Check if selinux in on:<\/p>\n
\n# getenforce\nEnforcing\n[root@database ~]# sestatus\nSELinux status: enabled\nSELinuxfs mount: \/sys\/fs\/selinux\nSELinux root directory: \/etc\/selinux\nLoaded policy name: targeted\nCurrent mode: enforcing\nMode from config file: enforcing\nPolicy MLS status: enabled\nPolicy deny_unknown status: allowed\nMax kernel policy version: 28\n\n<\/pre>\nWrite this command to get it working with SELinux if this is active:<\/p>\n
\n\n# setsebool -P antivirus_can_scan_system 1\n\n<\/pre>\nEnabling and Disabling SELinux<\/p>\n
\n\nnano \/etc\/sysconfig\/selinux\n\n<\/pre>\nTo enable…set this to enforcing<\/p>\n
\n\n# SELINUX=enforcing\n\n<\/pre>\nTo disable, set to permissive<\/p>\n
\n# SELINUX=permissive\n<\/pre>\nReboot after changes<\/p>\n
Or, to make temp changes:<\/p>\n
\n# setenforce permissive\n<\/pre>\nEnable Freshclam<\/p>\n
\n# cp \/etc\/freshclam.conf \/etc\/freshclam.conf.bak\n<\/pre>\nEdit the config file to comment out example<\/p>\n
\n# nano \/etc\/freshclam.conf\n<\/pre>\n\n# Comment or remove the line below.\n#Example\n\n<\/pre>\nCreat a file<\/p>\n
\n# nano \/usr\/lib\/systemd\/system\/clam-freshclam.service\n<\/pre>\nAdd<\/p>\n
\n# Run the freshclam as daemon\n[Unit]\nDescription = freshclam scanner\nAfter = network.target\n \n[Service]\nType = forking\nExecStart = \/usr\/bin\/freshclam -d -c 4\nRestart = on-failure\nPrivateTmp = true\n \n[Install]\nWantedBy=multi-user.target\n<\/pre>\nLet’s enable and start the service<\/p>\n
\n# systemctl enable clam-freshclam.service\n# systemctl start clam-freshclam.service\n<\/pre>\nrename the \/usr\/lib\/systemd\/system\/clamd@.service file<\/p>\n
\n# mv \/usr\/lib\/systemd\/system\/clamd@.service \/usr\/lib\/systemd\/system\/clamd.service\n<\/pre>\nchange the clamd@scan service as well. Change this line in \/usr\/lib\/systemd\/system\/clamd@scan.service and remove the @ sign<\/p>\n
\n# nano \/usr\/lib\/systemd\/system\/clamd@scan.service\n<\/pre>\nFrom…<\/p>\n
\n# .include \/lib\/systemd\/system\/clamd@.service\n<\/pre>\nto…<\/p>\n
\n# .include \/lib\/systemd\/system\/clamd.service\n<\/pre>\nchange the clamd service file \/usr\/lib\/systemd\/system\/clamd.service:<\/p>\n
\n[Unit]\nDescription = clamd scanner daemon\nAfter = syslog.target nss-lookup.target network.target\n \n[Service]\nType = simple\nExecStart = \/usr\/sbin\/clamd -c \/etc\/clamd.d\/clamd.conf --nofork=yes\nRestart = on-failure\nPrivateTmp = true\n \n[Install]\nWantedBy=multi-user.target\n<\/pre>\nStart all services<\/p>\n
\n#cd \/usr\/lib\/systemd\/system\n<\/pre>\n\n# systemctl enable clamd.service\n# systemctl enable clamd@scan.service\n# systemctl start clamd.service\n# systemctl start clamd@scan.service.\n<\/pre>\nRun a scan<\/p>\n
\n# clamscan -i -r --log=\/var\/log\/clamscan-date.txt \/var\/www\/vhosts\/*\n\n----------- SCAN SUMMARY -----------\nKnown viruses: 4159219\nEngine version: 0.98.7\nScanned directories: 3\nScanned files: 116\nInfected files: 0\nData scanned: 13.64 MB\nData read: 39.54 MB (ratio 0.34:1)\nTime: 10.738 sec (0 m 10 s)\n\n<\/pre>\nSet up a cron to run a scan (example is for a plesk server for the virtual hosts<\/p>\n
\n# nano \/etc\/cron.daily\/clamscan\n<\/pre>\n\n#!\/bin\/bash\n# setup the scan location and scan log\nCLAM_SCAN_DIR="\/var\/www\/vhosts"\nCLAM_LOG_FILE="\/var\/log\/clamav\/dailyscan.log"\n# update the virus database\n\/usr\/bin\/freshclam\n# run the scan\n\/usr\/bin\/clamscan -i -r $CLAM_SCAN_DIR >> $CLAM_LOG_FILE\nMAILTO=user@domain.com\n<\/pre>\nSet the cron file as an executible<\/p>\n
\n\n# chmod 555 \/etc\/cron.daily\/clamscan\n\n<\/pre>\nTest your installation and cron job<\/p>\n
\n\n# \/etc\/cron.daily\/clamscan\n\n<\/pre>\n","protected":false},"excerpt":{"rendered":"Install ClamAV and set up scheduled scans. Install Epel: # yum install epel-release Install ClmAV # yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirror.lax.hugeserver.com * epel: dl.fedoraproject.org * extras: dallas.tx.mirror.xygenhosting.com * updates: linux.mirrors.es.net Package clamav-data-0.98.7-1.el7.noarch already installed and latest version … Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,12,15],"tags":[],"class_list":["post-2850","post","type-post","status-publish","format-standard","hentry","category-administration","category-centos-7","category-clamav"],"_links":{"self":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts\/2850","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/comments?post=2850"}],"version-history":[{"count":0,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts\/2850\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/media?parent=2850"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/categories?post=2850"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/tags?post=2850"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}