Search our site for answers
Help Docs Security Overview Antivirus Using ClamAV for Virus Protection

Using ClamAV for Virus Protection

ClamAV is a robust antivirus tool that scans your server for malicious files and email attachments, enhancing your security measures.
Security
3 min read

ClamAV is a powerful antivirus software that can scan your email and your server for malicious files. It works like an antivirus program on your computer, but ClamAV scans your server. Specifically, ClamAV looks for malicious email attachments and malicious server files. It won’t find every malicious file all the time, but it’s a good weapon in your security arsenal. If you ever think your server has malicious files or has been hacked, feel free to contact our Support team. We have a dedicated security team to help you! At Liquid Web, ClamAV is pre-installed on cPanel servers but not preconfigured.

ClamAV was first designed to be controlled from the command line. But, you can set up ClamAV without any command line knowledge and use WHM and cPanel to manage your settings. This article will explain:

Connecting ClamAV to WHM and cPanel

To start using ClamAV without needing command line knowledge, you’ll enable ClamAV Connector in WHM. This will let you change ClamAV settings in WHM and scan individual cPanel accounts.

  1. Log into WHM. (If you are unfamiliar with WHM, see our article Getting Started with WHM).
  2. In the search bar, search for “Plugins” and then click on Manage Plugins.
    manage plugins highlighted
  3. You’ll see the ClamAV logo and a plugin called “clamavconnector.” Check the box next to Install and keep updated and then click Save. ClamAV Connector will run through the installation process.
    gif showing install and keep updated box checked

Enabling Automatic Email Scanning

Once you’ve installed ClamAV Connector, you can set ClamAV up to scan all incoming and outgoing mail for malware.

  1. In the WHM search bar, search for “Exim.” Then click on Exim Configuration Manager.
    exim configuration manager highlighted
  2. In the Basic Editor, click on Security.
    security tab highlighted
  3. Select the radio button for On for these two settings:
    • Scan messages for malware from authenticated servers (exiscan).
    • Scan outgoing messages for malware

    gif showing radio button selection

  4. Click Save.

Configuring File Scanning Settings

Once you enable ClamAV Connector, every cPanel account will be able to manually scan for malware. You can change those settings in WHM.

  1. In the WHM search bar, search for “ClamAV.” Then click on Configure ClamAV Scanner.
    clamav scanner highlighted
  2. Here you can choose what scan options are available for cPanel accounts. Check the boxes next to the scans you want available in cPanel accounts:
    • Scan Entire Home Directory
    • Scan Mail
    • Scan Public FTP Space
    • Scan Public Web Space
  3. Make sure to click Save once you’ve chosen your settings!
  4. You can also grant specific scan options to each cPanel account individually by clicking the User Configuration button.
    user configuration highlighted

Manual Scanning in cPanel

You can scan files in your cPanel accounts as often as you’d like.

  1. Log into your cPanel account.
  2. Scroll down to the Advanced section and click on Virus Scanner.
    virus scanner button highlighted
  3. Select the radio button next to the files you want to scan and click Scan Now.
    scan now button highlighted
  4. If cPanel finds malicious files, you’ll be able to see the file names once ClamAV finishes its scan.
    virus scanner running
Was this article helpful?