ClamAV is a free and open-source antivirus suite. When planning a security strategy for your server, you may want to consider running an antivirus to protect your server.
Before we begin
- Execute all commands as root in this tutorial (or sudo).
- ClamAV is open-source and is not as powerful as other antivirus suites.
Install ClamAV
Install the ClamAV engine.
apt-get install clamav
Update the virus database. This should be done on a regular interval to detect new types of malware.
freshclam
Install ClamFS
ClamAV is an antivirus engine, however it can't do real-time scans by itself. We will use ClamFS for these types of scans.
apt-get install clamfs clamav-daemon
Setup ClamFS
Run these commands to configure ClamFS.
mkdir /clamfs /clamfs/secure
chmod 777 /clamfs /clamfs/secure
gunzip -c /usr/share/doc/clamfs/clamfs-sample.xml.gz > /clamfs/config.xml
nano /clamfs/config.xml
In config.xml, replace:
<filesystem root="/tmp" mountpoint="/clamfs/tmp" public="yes" />
with:
<filesystem root="/your/target/dir" mountpoint="/clamfs/secure" public="yes" />
Start ClamFS
Run the ClamFS process.
clamfs /clamfs/config.xml
While it's running, every file that goes to /clamfs/secure will scanned by ClamAV. If a file is detected as "clean", it will moved to its target directory.
For example, you can protect the Downloads folder by updating the configuration file again. In config.xml, replace:
<filesystem root="/tmp" mountpoint="/clamfs/tmp" public="yes" />
with:
<filesystem root="/home/username/Downloads" mountpoint="/clamfs/secure" public="yes" />
Then, in your browser, change the download folder to: /clamfs/secure.
Congratulations, you have completed installing ClamAV and ClamFS on your server.