scan FTP uploaded files on cPanel Servers with ClamAV

scan FTP uploaded files on cPanel Servers with ClamAV

clamav signaturesFirst we need install ClamAV, it has been now been included in cPanel/WHM. ClamAV is a free and open-source, cross-platform antivirus software tool-kit able to detect many types of malicious software, including viruses. One of its main uses is on mail servers as a server-side email virus scanner.

You can also install it from your cPanel/WHM interface as root as follows:

Step 1: Click on ‘cPanel’ in ‘WHM’
Step 2: Click on ‘Manage Plugins’
Step 3: Now Click on ‘Install ClamAV for cPanel’

Install ClamAV cPanel

After the successful installation edit the file /etc/pure-ftpd.conf and change this line to:

CallUploadScript yes

Next create file /etc/pure-ftpd/clamav_scan_ftp.sh with this content:

#!/bin/bash
#Maximum file size to scan in bytes that's set to 10MB
MAXSIZE=10485760
if [ "$UPLOAD_SIZE" -le "$MAXSIZE" ]; then
/usr/local/cpanel/3rdparty/bin/clamdscan --remove --quiet --no-summary "$1"
fi

Change its permissions and make it executable:

chmod 755 /etc/pure-ftpd/clamav_scan_ftp.sh

Now we should start the pure-uploadscript daemon every time to call our script when a file is uploaded

/usr/sbin/pure-uploadscript -B -r /etc/pure-ftpd/clamav_scan_ftp.sh

And to let it start with your server/vps reboots just run this:

echo "/usr/sbin/pure-uploadscript -B -r /etc/pure-ftpd/clamav_scan_ftp.sh" >> /etc/rc.d/rc.local

Now restart pure-ftpd:

service pure-ftpd restart

Now all your uploaded files which are less than 10MB in size will be scanned, adjust this size limit per your needs.

Final Words

Use Malware Expert – Signatures to get a better detection rate of malware from files for FREE!

  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

maldet installation

http://www.rfxn.com/projects/linux-malware-detect/ http://www.rfxn.com/appdocs/README.maldetect...

clamav scan

clamav scan mkdir /tmp/virus clamscan -ri --move=/tmp/virus /home/ When started...

maldet scan for spesific user

maldet scan for spesific user maldet --scan-all /home?/USER/public_html

view mail logs

view mail logs in order to view your mailogs tail -f /var/log/maillog tail -f...

phpshells check

phpshells check Code: freshclam; clamscan -ir /home/*/public_html/* | tee...