Installing ClamAV Anti-Virus on CentOS 7

ClamAV is an open source anti-virus utility for Linux designed to detect viruses, malware, and our favorite – php script exploits. It does a great job at picking up php files containing backdoors, remoteĀ file managers, spam mailer bots, etc. We run this on all of our hosting servers daily. It is especially useful for detecting and removingĀ files uploaded by the numerous exploitable WordPress 3rd party plugins.

To begin, we need to enable the EPEL repository. At the time of writing this post, the latest version was 7.5. We always recommend checking for newer versions before blindly copy/pasting a command.

wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
rpm -ivh epel-release-7-5.noarch.rpm

Next, install all of the required ClamAV packages using yum

yum install clamav-server clamav-data clamav-update clamav-filesystem clamav

packagesWhen you first install ClamAV, it creates a config file with a line “Example” that needs to be removed. Edit the file vim /etc/freshclam.conf, using your favorite editor, and remove the “Example” line. In our file, it was on line 8. Then you can run freshclam, a utility to update the ClamAV database.

vim /etc/freshclam.conf
freshclam

Enable and start the service

systemctl enable clamd.service
systemctl start clamd.service

You should be all set. You can run the command below to make sure the process is running.

ps aux | grep clam

 

 

Leave a Reply