Install ClamAV

# Install
sudo dnf install epel-release -y
sudo dnf update -y
# Install clamav, the clamd background daemon and the clamav-update database updater
sudo dnf install clamav clamd clamav-update
# The scanner runs as the user: clamscan
# Allow the antivirus SELinux domain to access system files
sudo setsebool -P antivirus_can_scan_system 1
# Update database
sudo freshclam # database files are stored in /var/lib/clamav
# Edit /etc/clamd.d/scan.conf to enable LocalSocket
sudo sed -i 's/#LocalSocket \/run/LocalSocket \/run/g' /etc/clamd.d/scan.conf

# Enable the database updater at boot and start it immediately
sudo systemctl enable --now clamav-freshclam
systemctl status clamav-freshclam

# Enable the clamd scanner service and start it in the background
sudo systemctl enable --now clamd@scan
systemctl status clamd@scan

# Manually scan the entire machine if desired (-r is recursive, not remove)
sudo clamscan -r /

# On-access scanning: clamonacc scans a file when it is accessed
## Edit the file /etc/clamd.d/scan.conf
### Enable clamonacc prevention (block access to files detected as infected)
sudo sed -i 's/#OnAccessPrevention yes/OnAccessPrevention yes/g' /etc/clamd.d/scan.conf
### Specify the directory where clamonacc is applied
sudo sed -i 's/#OnAccessIncludePath \/home/OnAccessIncludePath \/home/g' /etc/clamd.d/scan.conf
### Exclude the clamscan user from clamonacc so the scanner itself is not blocked
sudo sed -i 's/#OnAccessExcludeUname clamav/OnAccessExcludeUname clamscan/g' /etc/clamd.d/scan.conf

### Run the clamonacc service at startup:
#### Edit the file /usr/lib/systemd/system/clamav-clamonacc.service and add, under [Service]:
Restart=on-failure
RestartSec=7s

#### Start
sudo systemctl daemon-reload
sudo systemctl enable --now clamav-clamonacc # or clamonacc
sudo systemctl status clamav-clamonacc
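
sed exits 0 even when its pattern matches nothing, so the scan.conf edits above can silently leave a directive commented out. The following check is an added example, not part of the original page; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which directives the sed edits were meant to
# enable are still inactive in a clamd config file.

# conf_value FILE KEY: print the value of the first uncommented KEY line.
conf_value() {
    awk -v key="$2" '$1 == key { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# check_clamd_conf FILE: print one line per problem; return the problem count.
check_clamd_conf() {
    conf=$1
    problems=0
    for key in LocalSocket OnAccessPrevention OnAccessIncludePath OnAccessExcludeUname; do
        if [ -z "$(conf_value "$conf" "$key")" ]; then
            echo "inactive: $key"
            problems=$((problems + 1))
        fi
    done
    # Blocking only happens with an explicit "yes".
    prevention=$(conf_value "$conf" OnAccessPrevention)
    if [ -n "$prevention" ] && [ "$prevention" != "yes" ]; then
        echo "mismatch: OnAccessPrevention is '$prevention', expected 'yes'"
        problems=$((problems + 1))
    fi
    # The excluded user must be the account clamd runs as (the User directive),
    # otherwise clamonacc intercepts the scanner's own file reads.
    user=$(conf_value "$conf" User)
    excluded=$(conf_value "$conf" OnAccessExcludeUname)
    if [ -n "$user" ] && [ -n "$excluded" ] && [ "$user" != "$excluded" ]; then
        echo "mismatch: OnAccessExcludeUname '$excluded' is not clamd User '$user'"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample: the exclude edit did not match, so that line is still commented.
sample_conf() {
    cat <<'EOF'
User clamscan
LocalSocket /run/clamd.scan/clamd.sock
OnAccessPrevention yes
OnAccessIncludePath /home
#OnAccessExcludeUname clamav
EOF
}

# Run against a real file when a path is given: sh check.sh /etc/clamd.d/scan.conf
if [ "$#" -gt 0 ]; then check_clamd_conf "$1"; fi
```

The exit status is the number of problems found, so the script can gate a provisioning step before clamd and clamonacc are restarted.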

Install Linux Malware Detect

ClamAV should be installed first, as it is helpful for Linux Malware Detect.

Install Linux Malware Detect:

sudo wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xvf maldetect-current.tar.gz
cd maldetect-{version}
bash ./install.sh
maldet -u

Scan:

maldet --scan-all /home/domain.com/public_html/*.php

Show quarantined files:

ls /usr/local/maldetect/quarantine/
