Installing ClamAV Anti-Virus on CentOS 7

ClamAV is an open source anti-virus utility for Linux designed to detect viruses, malware, and our favorite Рphp script exploits. It does a great job at picking up php files containing backdoors, remote file managers, spam mailer bots, etc. We run this on all of our hosting servers daily. It is especially useful for detecting and removing files uploaded by the numerous exploitable WordPress 3rd party plugins.

To begin, we need to enable the EPEL repository. At the time of writing this post, the latest version was 7.5. We always recommend checking for newer versions before blindly copy/pasting a command.

rpm -ivh epel-release-7-5.noarch.rpm

Next, install all of the required ClamAV packages using yum

yum install clamav-server clamav-data clamav-update clamav-filesystem clamav

packagesWhen you first install ClamAV, it creates a config file with a line “Example” that needs to be removed. Edit the file vim /etc/freshclam.conf, using your favorite editor, and remove the “Example” line. In our file, it was on line 8. Then you can run freshclam, a utility to update the ClamAV database.

vim /etc/freshclam.conf

Enable and start the service

systemctl enable clamd.service
systemctl start clamd.service

You should be all set. You can run the command below to make sure the process is running.

ps aux | grep clam



Leave a Reply