Use ClamAV on a Linux server to protect your system from viruses, malware, and other threats with a powerful open-source antivirus engine. ClamAV is widely used for scanning files, emails, and servers to identify malicious content and keep Linux environments safe.
It supports real-time scanning, scheduled scans, and automatic virus database updates. Lightweight and efficient, ClamAV integrates seamlessly with mail servers and file systems, making it ideal for enterprise and personal use alike. Its flexibility and frequent signature updates ensure ongoing protection against evolving threats.
This guide will help you use ClamAV on a Linux server by walking through installation, configuring virus database updates, running scans, and managing the antivirus service.
Prerequisites
- A Linux server such as Ubuntu, Debian, CentOS, Red Hat, or similar
- Root or sudo privileges to install and configure ClamAV
- Internet connection to download packages and update virus definitions
- Terminal access for command execution
Steps to Use ClamAV on a Linux Server
ClamAV is a free, open-source antivirus engine designed for detecting malicious software, viruses, trojans, and other threats on Linux systems. It’s a reliable tool for scanning files, mail servers, and directories for potential malware. Below are the essential steps to install, configure, and effectively use ClamAV on a Linux server for enhanced system protection.
Step 1: Install ClamAV on the Linux Server
Update your package list to get the latest software versions:
- Ubuntu/Debian:
sudo apt update- CentOS/Red Hat:
sudo yum updateInstall ClamAV packages, including the daemon for background scanning:
- Ubuntu/Debian:
sudo apt install clamav clamav-daemon- CentOS/Red Hat:
sudo yum install clamav clamav-updateStep 2: Update ClamAV Virus Database
To keep your server protected, update the virus signature database regularly. First, stop the automatic freshclam updater to avoid conflicts:
sudo systemctl stop clamav-freshclamManually update the virus definitions:
sudo freshclamRestart the freshclam service:
sudo systemctl start clamav-freshclamThis ensures ClamAV has the latest virus signatures for accurate scanning.
Step 3: Start and Enable ClamAV Daemon
Enable and start the ClamAV daemon service so it can run continuously in the background:
sudo systemctl enable clamav-daemon
sudo systemctl start clamav-daemonCheck the status to confirm the service is active:
sudo systemctl status clamav-daemonCheck Out | Understand ClamAV on Linux Server: Essential Malware Protection
Step 4: Scan Files and Directories with ClamAV
Use the clamscan command to scan files or directories for viruses.
- Scan a specific directory recursively:
sudo clamscan -r /path/to/directory- Scan and remove infected files automatically (use with caution):
sudo clamscan -r --remove /path/to/directory- Scan the entire system and output results to a log file:
sudo clamscan -r / --log=/var/log/clamav/clamav-scan.logStep 5: Automate Virus Scans with Cron
Set up a scheduled scan using cron to run ClamAV regularly.
Edit the root user’s crontab:
sudo crontab -eAdd a daily scan at 2 AM:
0 2 * * * /usr/bin/clamscan -r /home >> /var/log/clamav/daily-scan.logSave and exit. This keeps your Linux server scanned regularly without manual effort.
Check Out | Configure Fail2ban on Linux Server: Step-by-Step Setup Guide
Step 6: Useful ClamAV Commands on Linux Server
- Check ClamAV version:
clamscan --version- Update virus definitions manually:
freshclam- Scan a single file:
clamscan /path/to/file- Display only infected files in scan output:
clamscan --infected /path/to/scanCheck Out | How to Configure SSH on a Linux Server: Comprehensive Guide for Beginners
Conclusion
To use ClamAV on a Linux server, install the ClamAV packages, keep the virus database updated, and run scans manually or on a schedule to detect and remove threats. Running the ClamAV daemon ensures constant protection by allowing real-time scanning capabilities. ClamAV offers an effective open-source solution to safeguard your Linux server from malware and viruses. For detailed configurations and advanced usage, you can refer to the official ClamAV documentation.
![Easiest Way to Use FTP on Linux Server [2025 Guide]](https://www.youstable.com/blog/wp-content/uploads/2025/08/Easiest-Way-to-Use-FTP-on-Linux-Server-2025-Guide.jpg)
![Use Kubernetes on Linux to Manage Containers [Expert Guide]](https://www.youstable.com/blog/wp-content/uploads/2025/08/Use-Kubernetes-on-Linux-to-Manage-Containers-Expert-Guide.jpg)