Bobcares

ClamAV configuration – How we set it up smartly and fix errors

by | Sep 19, 2020

ClamAV is one of the best tools for detecting viruses, malware, and malicious software on the server. At Bobcares, we often get requests to do ClamAV configuration on Linux servers as part of our Server Management Services.

Today, let’s get into the details and see how our Support Engineers install and configure ClamAV on Linux servers.

How we do ClamAV configuration on Linux servers

ClamAV is a free antivirus tool used to detect viruses, malware, and malicious software on Linux-based machines.

Here, we’ll see how our Support Engineers install and configure ClamAV on CentOS / RHEL 7.

1. Initially, we install the EPEL repository

yum install epel-release

2. Then, we install ClamAV on the server by using the following command.

yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

3. Next, we remove the Example string from the configuration file.

sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

4. Also, we open the configuration file /etc/clamd.d/scan.conf

5. Then, we set up a path to local socket file the daemon will listen on. For that, we remove the ‘ # ‘ for LocalSocket

LocalSocket /var/run/clamd.scan/clamd.sock

6. Again, we remove Example string from ClamAV’s freshclam update engine configuration file.

sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

Freshclam is the automatic database update tool for Clam AntiVirus.

7. Next, we execute the virus definition database update,

freshclam

7. Finally, we start the Clamd service

systemctl start clamd@scan
systemctl enable clamd@scan

That’s it.

 

How we fixed the common errors related to ClamAV configuration

At Bobcares, where we have more than a decade of expertise in managing servers, we see many customers face problems while managing ClamAV errors.

Now, let’s see the major reasons for the ClamAV related errors error and how our Support Engineers fix the top errors.

 

Improper ClamAV update

Recently, one of our customers had a problem with his ClamAV. He installed ClamAV on the cPanel server. However, the ClamAV was not working.

On checking, our Support Engineers found that the ClamAV updating improperly.

Therefore, we updated ClamAV by running the following command via an SSH session

/usr/local/cpanel/3rdparty/bin/freshclam

After that, it started to work again without any problems.

 

Problem with clamav-daemon

Similarly, another customer had an error after installing ClamAV on a Webmin server. When he tried to enable ClamAV on the server he got an error like,

ClamAV server scanner : ERROR: Can't connect to clamd: No such file or directory

On checking, our Support Engineers found that the clamav-daemon wasn’t running on the server.

When we run the command/etc/init.d/clamav-daemon restart and the following was the output,

Stopping ClamAV daemon: clamd.
Clamav signatures not found in /var/lib/clamav ... failed!
Please retrieve them using freshclam ... failed!
Then run '/etc/init.d/clamav-daemon start' ... failed!

So, we execute the virus definition database update.

freshclam

After that, we execute the following command to start the clamav-daemon.

/etc/init.d/clamav-daemon start

Then, we login into Virtualmin’s web interface, we clicked yes for Run ClamAV server scanner >> Then,  click on Next button.

Everything worked fine.

 

[Need assistance to fix ClamAV errors? We’ll help you.]

 

Conclusion

In short, Clam AntiVirus is an open-source antivirus tool to detect many types of malicious software, including viruses. Today, we saw how our Support Engineers did ClamAV configuration and fixed the related errors.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

2 Comments

  1. Jim

    What file actually updates the clamav scan engine version number from say 0.103.x to 0.105.x. It can’t be the daily file. I have read that one just can’t update the daily files and at some point the scan engine needs to be update as well as things can greatly get out of sync and not work correctly based on the lastest signatures if not kept in sync. I am trying to fix some clamav issues and I am seeing the clamscan version number is 2 or 3 years old, but is using a recent release of signatures. No one talks about this, they just say run freshclam to get the latest updates. This is all done on separate networks not connected to the internet. It happens in a similar way of using RH Satellite servers and using playbooks etc and I need to understand correctly how clamav works exactly to make sure things are setup correctly. Too many vague articles just skim over the update process.

    Reply
    • Hiba Razak

      Hello Jim,

      freshclam is a virus database update tool for ClamAV. It routinely checks for software updates and the latest virus definitions.
      If your clamav is in EOL, you should update the clamav to its newer version.
      If you want any help regarding clamav issue, Please contact our support team via live chat(click on the icon at right-bottom).

      Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.