ClamAV Scanner
05-24-2010 @ 5:17AM EDT
This is a very simple bash script that will scan the public_html directory for each domain on your server with ClamAV. This will scan for viruses, malware, trojans, and other nasty scripts and move them to a directory called QUARANTINE in your root directory (/).
How to use it:
If you don't already have a mydir or QUARANTINE folder then create them and set the permissions for the QUARANTINE directory (mkdir /mydir && mkdir /QUARANTINE && chmod 0770 /QUARANTINE). Then copy and paste the code into a new clamcheck.sh file in the /mydir folder (vi /mydir/clamcheck.sh). Don't forget to set your permissions to make the file executable (chmod 0771 /mydir/clamcheck.sh). Now you can copy and paste the following line into your crontab (type crontab -e after you SSH into your server):
10 0 * * * /mydir/clamcheck.sh
The above line will run the script every morning at 12:10AM.
You can adjust the time based on your other scheduled jobs because if you have a lot of accounts this can run for a while.
A breakdown of the clamcheck.sh script:
#!/bin/bash <- Tells the server to run this script with the BASH interpreter.
echo "Daily Virus Scan Started at `date`(`uptime`)" > /var/log/clamscanlog.txt <- Prints the start time before running to the clamscanlog.txt log (includes the uptime statistics so you can be aware of the CPU load prior to running so you will know whether or not you need to change the scheduled time for when the CPU is not being used heavily).
clamscan -ir --move=/QUARANTINE /home/*/public_html/ >> /var/log/clamscanlog.txt <- Scans all of the files in the public_html and all sub-directories with ClamAV and moves infected files to the QUARANTINE folder then writes the scan results to the log.
echo "Daily Virus Scan Ended at `date`(`uptime`)" >> /var/log/clamscanlog.txt <- Prints the end time when finished to the log (includes the uptime to keep track of your CPU load).
mail -s "CLAM Check Results"
Code:
#!/bin/bash
echo "Daily Virus Scan Started at `date`(`uptime`)" > /var/log/clamscanlog.txt
clamscan -ir --move=/QUARANTINE /home/*/public_html/ >> /var/log/clamscanlog.txt
echo "Daily Virus Scan Ended at `date`(`uptime`)" >> /var/log/clamscanlog.txt
mail -s "CLAM Check Results" < /var/log/clamscanlog.txt
echo "Daily Virus Scan Started at `date`(`uptime`)" > /var/log/clamscanlog.txt
clamscan -ir --move=/QUARANTINE /home/*/public_html/ >> /var/log/clamscanlog.txt
echo "Daily Virus Scan Ended at `date`(`uptime`)" >> /var/log/clamscanlog.txt
mail -s "CLAM Check Results"
servers, linux, scripts, security, apache, clamav, tutorials
Comments
This article hasn't been commented yet.
Write a comment
* = required field