Installing ClamAV via Command Line (SSH)
This command tells the system that we want ClamAV to be listed as installed by the local RPM system:
/scripts/update_local_rpm_versions --edit target_settings.clamav installed
This command is the one responsible for installing the ClamAV RPM on your server:
/scripts/check_cpanel_rpms --fix --targets=clamav
Creating Symbolic Links
If you need manually scan or use via ssh, so we don’t need to remember URL paths:
ln -s /usr/local/cpanel/3rdparty/bin/clamscan /usr/local/bin/clamscan ln -s /usr/local/cpanel/3rdparty/bin/freshclam /usr/local/bin/freshclam
ClamAV Cpanel Malware Signatures
Also, we add extra ClamAV signatures better ratio detect PHP malware on the server.
Edit Freshclam.conf file:
/usr/local/cpanel/3rdparty/etc/freshclam.conf
Add these line end of the file:
DatabaseCustomURL http://malware.expert/malware.expert.ndb DatabaseCustomURL http://malware.expert/malware.expert.hdb DatabaseCustomURL http://malware.expert/malware.expert.ldb DatabaseCustomURL http://malware.expert/malware.expert.fp DatabaseCustomURL http://www.rfxn.com/downloads/rfxn.ndb DatabaseCustomURL http://www.rfxn.com/downloads/rfxn.hdb
Restart Freshclam
/usr/local/cpanel/3rdparty/bin/freshclam restart
ClamAV cron job
After you configure ClamAV, we recommend that you schedule a root cron job to run daily during off-peak hours. The cron job will run the following command:
for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections&