ClamAV is a free and open-source antivirus suite. When planning a security strategy for your server, you may want to consider running an antivirus to protect your server.
Execute all commands as root in this tutorial (or sudo
).
ClamAV is open-source and is not as powerful as other antivirus suites.
Install the ClamAV engine.
apt-get install clamav
Update the virus database. This should be done on a regular interval to detect new types of malware.
freshclam
ClamAV is an antivirus engine, however it can't do real-time scans by itself. We will use ClamFS for these types of scans.
apt-get install clamfs clamav-daemon
Run these commands to configure ClamFS.
mkdir /clamfs /clamfs/secure
chmod 777 /clamfs /clamfs/secure
gunzip -c /usr/share/doc/clamfs/clamfs-sample.xml.gz > /clamfs/config.xml
nano /clamfs/config.xml
In config.xml
, replace:
<filesystem root="/tmp" mountpoint="/clamfs/tmp" public="yes" />
with:
<filesystem root="/your/target/dir" mountpoint="/clamfs/secure" public="yes" />
Run the ClamFS process.
clamfs /clamfs/config.xml
While its running, every file that goes to /clamfs/secure
will scanned by ClamAV. If a file is detected as "clean", it will moved to its target directory.
For example, you can protect the Downloads
folder by updating the configuration file again. In config.xml
, replace:
<filesystem root="/tmp" mountpoint="/clamfs/tmp" public="yes" />
with:
<filesystem root="/home/username/Downloads" mountpoint="/clamfs/secure" public="yes" />
Then, in your browser, change the download folder to: /clamfs/secure
.
Congratulations, you have completed installing ClamAV and ClamFS on your server.