Need Help with ClamAV Cron Job
I am trying to modify the recommended cPanel daily ClamAV cron scan found here Configure ClamAV Scanner - Version 70 Documentation - cPanel Documentation. I would like to adjust it to remove or destroy any files with viruses found. Do I just need to add the -remove tag?
Should I quarantine files instead? I am afraid they will just build up that way. does ClamAV normally have a lot of false positives? I have about 80 client domains on my server. Any advice is appreciated.
while read domain user; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r -remove /home/"$user" 2>&1; done >/root/infections.txt
Should I quarantine files instead? I am afraid they will just build up that way. does ClamAV normally have a lot of false positives? I have about 80 client domains on my server. Any advice is appreciated.
-
Is this the cron I need to run to remove the files and also email me the results daily? while read domain user; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r --remove /home/"$user" 2>&1; done >/root/infections.txt
0 -
does anyone know if this is correct way to scan, remove infected files and also send an email notification to root? while read domain user; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r --remove /home/"$user" 2>&1; done >/root/infections.txt
0 -
Clamscan provides options to move the infected files to a specific directory - commands for this can be found here: ClamavNet Sometimes infected files are actually legitimate and necessary files with inserted code - you wouldn't necessarily want to outright delete them 0
Please sign in to leave a comment.
Comments
3 comments