Install and Configure ClamAV on Ubuntu 20.04

Learn how to configure ClamAV as a Daemon Service on Ubuntu server

March 8, 2023Last Updated: March 8, 2023
523

ClamAV is important tool when it comes to the battle against day-to-day threats against Linux webservers. If you’re not using it already, this tutorial will show you how to install and configure ClamAV as a daemon on your Ubuntu 20.04 machine.

If you built your VPS following our Virtualmin & LEMP guide, chances are that you already have ClamAV installed on your server. In that case, you can skip the installation part and go directly to configuring it. But executing following commands won’t do any harm either.

How to Install ClamAV on Ubuntu VPS

Ubuntu 20.04 ships with ClamAV. You can simple install it with following commands.

				
					apt install clamav clamav-daemon clamav-freshclam

This will only take few seconds. You can verify the installation by checking ClamAV version with following command.

				
					clamscan -V

You should see an out put similar to below screenshot.

Check ClamAV Version

This means ClamAV is installed and running. You can continue to configure it in the next section.

How to Configure ClamAV on Ubuntu VPS

Although ClamAV is installed and running by now, it’s been as UNIX user clamav. This gives us permission problems when we want to use ClamAV with other software like Maldet (LMD). If you have been following our tutorials, you know that we use Maldet and inotify-tools with ClamAV for real-time malware scanning on our servers. 

Maldet fails to use ClamAV for real-time scannings when ClamAV is run by another UNIX user. So, we need to configure ClamAV so it is run by the root user.

Open ClamAV configuration file with following command.

				
					nano /etc/clamav/clamd.conf

Now look for following two line within the file.

				
					LocalSocketGroup clamav
				
			
				
					User clamav

These two lines define the UNIX user group and UNIX user ClamAV will be run as. We need to replace clamav with root like below.

Close the file by hitting Ctrl + X keys on your keyboard. ANd then restart ClamAV Daemon.

				
					systemctl restart clamav-daemon

How to Test ClamAV on Ubuntu VPS

Now that CLamAV is installed and appeared to be running, let’s do a small test to see if it’s actually working and detecting dangerous objects.

				
					curl https://www.eicar.org/download/eicar.com.txt | clamdscan -

You should see an output like below.

Congratulations! ClamAV has detected the infected file. BTW, it’s not a harmful file. It just simulates a malware, so you don’t need to worry about testing with it,

Tags
March 8, 2023Last Updated: March 8, 2023
523

Tharindu

Hey!! I'm Tharindu. I'm from Sri Lanka. I'm a part time freelancer and this is my blog where I write about everything I think might be useful to readers. If you read a tutorial here and want to hire me, contact me here.

Related Articles

Configure Domain Specific Emails with Virtualmin

Configure Domain Specific Emails with Virtualmin

September 8, 2018
install Naxsi WAF for Nginx and Virtualmin

Install Naxsi WAF for Nginx and Virtualmin on Ubuntu 20.04

October 20, 2018
analyze Naxsi logs & create whitelist rules

Analyze Naxsi logs & Create Whitelist Rules with nxutil

May 14, 2019
Real-time Malware Scanning for Virtualmin

Real-time Malware Scanning for Virtualmin with Linux Malware Detect

October 3, 2018

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button