{"id":12803,"date":"2025-12-20T12:23:03","date_gmt":"2025-12-20T06:53:03","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=12803"},"modified":"2025-12-20T12:23:18","modified_gmt":"2025-12-20T06:53:18","slug":"how-to-configure-clamav-on-linux","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/how-to-configure-clamav-on-linux","title":{"rendered":"How to Configure ClamAV on Linux Server &#8211; (Step-by-Step Guide 2026)"},"content":{"rendered":"\n<p><strong>To configure ClamAV on a Linux server in 2026<\/strong>, install the ClamAV engine and daemon, update signatures with FreshClam, tune clamd.conf for logging and exclusions, run an initial scan, set a quarantine path, schedule recurring scans, and optionally enable on\u2011access scanning via clamonacc. Use systemd to enable services and verify with the EICAR test file.<\/p>\n\n\n\n<p>This step-by-step guide shows you how to configure ClamAV on a Linux server so it\u2019s fast, reliable, and production-ready. We\u2019ll cover installation across major distributions, FreshClam updates, daemon tuning, exclusions, quarantining, scheduled and on-access scans, verification, and troubleshooting. Whether you administer a VPS or a <a href=\"https:\/\/www.youstable.com\/blog\/secure-dedicated-server\/\">dedicated server<\/a>, this setup is secure and practical.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-clamav-and-why-use-it-on-a-linux-server\"><strong>What is ClamAV and Why Use it on a Linux Server?<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"2496\" height=\"1664\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-66.png\" alt=\"What Is ClamAV and Why Use It on a Linux Server?\" class=\"wp-image-12903\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-66.png 2496w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-66-150x100.png 150w\" sizes=\"auto, (max-width: 2496px) 100vw, 2496px\" \/><\/figure>\n\n\n\n<p>ClamAV is an open-source antivirus engine used to detect trojans, malware, and malicious <a href=\"https:\/\/www.youstable.com\/blog\/dnf-in-linux\/\">scripts on Linux<\/a>. It\u2019s commonly deployed on <a href=\"https:\/\/www.youstable.com\/blog\/install-apache-web-server-in-linux\/\">web servers<\/a>, mail gateways, and developer hosts to scan uploads, attachments, and files at rest. With the clamd daemon and FreshClam updates, ClamAV offers fast, signature-based detection plus optional on-access scanning support.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"prerequisites-and-best-fit-use-cases\"><strong>Prerequisites and Best-Fit Use Cases<\/strong><\/h2>\n\n\n\n<p><strong>Before you begin, ensure:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Root or sudo access<\/li>\n\n\n\n<li>A supported distribution (Ubuntu\/Debian, RHEL\/AlmaLinux\/Rocky, or similar)<\/li>\n\n\n\n<li>Outbound HTTPS access for signature updates<\/li>\n\n\n\n<li>Sufficient disk I\/O and CPU for scanning (clamd speeds up repeated scans)<\/li>\n<\/ul>\n\n\n\n<p>ClamAV is ideal when you need to scan web roots, mail flow (with MTAs), user uploads, archives, container volumes, and developer environments for known malware.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-by-step-configure-clamav-on-linux-server-2026\"><strong>Step-by-Step: Configure ClamAV on Linux Server (2026)<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"1-install-clamav-packages\"><strong>1) Install ClamAV Packages<\/strong><\/h3>\n\n\n\n<p><strong>Debian\/Ubuntu\/Mint:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt update\nsudo apt <a href=\"https:\/\/www.youstable.com\/blog\/install-clamav-on-linux\/\">install -y clamav<\/a> clamav-daemon clamav-freshclam\n<\/code><\/pre>\n\n\n\n<p><strong>RHEL\/CentOS\/AlmaLinux\/Rocky:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo dnf install -y epel-release\nsudo dnf install -y clamav clamd clamav-update\n<\/code><\/pre>\n\n\n\n<p>These packages provide the scanning engine, the clamd daemon for fast scans, and FreshClam for automatic signature updates.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"2-update-virus-signatures-freshclam\"><strong>2) Update Virus Signatures (FreshClam)<\/strong><\/h3>\n\n\n\n<p><strong>Run an initial update to seed the database:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl stop clamav-freshclam 2&gt;\/dev\/null || true\nsudo freshclam\n<\/code><\/pre>\n\n\n\n<p>Then enable the update service:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Debian\/Ubuntu\nsudo systemctl enable --now clamav-freshclam\n\n# RHEL\/Alma\/Rocky\nsudo systemctl enable --now freshclam\n<\/code><\/pre>\n\n\n\n<p>FreshClam will periodically fetch the latest definitions so your server remains protected.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"3-configure-clamd-and-logging\"><strong>3) Configure clamd and Logging<\/strong><\/h3>\n\n\n\n<p><strong>ClamAV daemon config files differ by distro. Common paths:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Debian\/Ubuntu: \/etc\/clamav\/clamd.conf and \/etc\/clamav\/freshclam.conf<\/li>\n\n\n\n<li>RHEL-family: \/etc\/clamd.d\/scan.conf and \/etc\/freshclam.conf<\/li>\n<\/ul>\n\n\n\n<p>Edit clamd configuration and set logging and a communication socket. Example (adjust to your distro path):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Example for Debian\/Ubuntu: \/etc\/clamav\/clamd.conf\nLogFile \/var\/log\/clamav\/clamd.log\nLogTime yes\nLogRotate yes\nLocalSocket \/run\/clamav\/clamd.ctl\nFixStaleSocket yes\n# Optional: reduce noise\nLogVerbose no\n\n# Optional: Exclude busy or virtual FS\nExcludePath ^\/proc\/\nExcludePath ^\/sys\/\nExcludePath ^\/dev\/\n<\/code><\/pre>\n\n\n\n<p>On RHEL-family systems, the file is often \/etc\/clamd.d\/scan.conf and may reference \/run\/clamd.scan\/clamd.sock by default. Ensure the log directory exists and is writable by the ClamAV user.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo mkdir -p \/var\/log\/clamav \/var\/quarantine\nsudo chown -R clamav:clamav \/var\/log\/clamav\nsudo chown -R clamav:clamav \/var\/quarantine\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"4-start-and-enable-clamd\"><strong>4) Start and Enable clamd<\/strong><\/h3>\n\n\n\n<p>Start the daemon and enable at boot:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Debian\/Ubuntu\nsudo systemctl enable --now clamav-daemon\n\n# RHEL-family\nsudo systemctl enable --now clamd@scan\n<\/code><\/pre>\n\n\n\n<p>Verify status and that it\u2019s listening on its socket:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>systemctl status clamav-daemon 2&gt;\/dev\/null || systemctl status clamd@scan\nsudo lsof -U | grep clamd\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"5-run-your-first-on-demand-scan\"><strong>5) Run Your First On-Demand Scan<\/strong><\/h3>\n\n\n\n<p>Use clamdscan (faster, via daemon) or clamscan (standalone):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Scan a directory and list only infected files\nsudo clamdscan -i \/var\/www\n\n# Or standalone (slower but independent of clamd)\nsudo clamscan -r -i \/var\/www\n<\/code><\/pre>\n\n\n\n<p>To move infections to quarantine during the scan:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo clamdscan -i --move=\/var\/quarantine \/var\/www\n# or\nsudo clamscan -r -i --move=\/var\/quarantine \/var\/www\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"6-set-exclusions-and-quarantine-defaults\"><strong>6) Set Exclusions and Quarantine Defaults<\/strong><\/h3>\n\n\n\n<p>Exclude paths that cause noise or heavy I\/O. You can use command-line flags or conf file directives:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># In clamd.conf (preferred for daemon scans)\nExcludePath ^\/proc\/\nExcludePath ^\/sys\/\nExcludePath ^\/dev\/\nExcludePath ^\/var\/lib\/docker\/overlay2\/\n<\/code><\/pre>\n\n\n\n<p>Tip: Keep at least one scheduled full scan monthly with limited exclusions, and more frequent targeted scans for web roots, mail, and user upload directories.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"7-schedule-automatic-scans\"><strong>7) Schedule Automatic Scans<\/strong><\/h3>\n\n\n\n<p>Use cron for a daily off-peak scan and a weekly deep scan. Example cron entries (system-wide crontab):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo bash -c 'cat &gt;&gt; \/etc\/crontab' &lt;&lt; \"EOF\"\n# Daily quick scan (infected only), logs to daily.log\n02 3 * * * root clamdscan -i --log=\/var\/log\/clamav\/daily.log \/var\/www\n\n# Weekly full scan with quarantine\n30 2 * * 0 root clamscan -r -i --exclude-dir=\"^\/proc|^\/sys|^\/dev\" \\\n --log=\/var\/log\/clamav\/weekly.log --move=\/var\/quarantine \/\nEOF\n<\/code><\/pre>\n\n\n\n<p>FreshClam already runs as a service; you don\u2019t need a separate cron for updates unless your distro uses cron by default. Confirm with systemctl status.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"8-optional-enable-on-access-scanning-clamonacc\"><strong>8) Optional: Enable On-Access Scanning (clamonacc)<\/strong><\/h3>\n\n\n\n<p>On-access scanning watches file operations using fanotify. Ensure your kernel supports fanotify (modern distributions do). Quick start:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Run clamonacc in the foreground to test\nsudo clamonacc --verbose \\\n  --log=\/var\/log\/clamav\/clamonacc.log \\\n  --move=\/var\/quarantine \\\n  --exclude-dir=\/proc --exclude-dir=\/sys --exclude-dir=\/dev \\\n  --include=\/var\/www\n<\/code><\/pre>\n\n\n\n<p>If your distro ships a clamonacc systemd unit (e.g., clamav-clamonacc), enable it. Otherwise, create a simple unit:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo bash -c 'cat &gt; \/etc\/systemd\/system\/clamonacc.service' &lt;&lt; \"EOF\"\n&#91;Unit]\nDescription=ClamAV On-Access Scanner\nAfter=network.target clamav-daemon.service\n\n&#91;Service]\nType=simple\nExecStart=\/usr\/bin\/clamonacc --log=\/var\/log\/clamav\/clamonacc.log \\\n --move=\/var\/quarantine --exclude-dir=\/proc --exclude-dir=\/sys --exclude-dir=\/dev \\\n --include=\/var\/www\nUser=root\nRestart=on-failure\n\n&#91;Install]\nWantedBy=multi-user.target\nEOF\n\nsudo systemctl daemon-reload\nsudo systemctl enable --now clamonacc\n<\/code><\/pre>\n\n\n\n<p>Start conservatively with specific include paths (e.g., \/var\/www) to limit overhead on busy servers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"hardening-and-performance-tuning\"><strong>Hardening and Performance Tuning<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Use clamd for speed: <\/strong>clamdscan reuses loaded signatures, significantly reducing scan time on repeated runs.<\/li>\n\n\n\n<li><strong>Target web and mail paths: <\/strong>Focus on \/var\/www, \/home\/*\/public_html, and mail queues to reduce noise.<\/li>\n\n\n\n<li><strong>Quarantine safely: <\/strong>Store quarantined files outside web roots, with strict permissions.<\/li>\n\n\n\n<li><strong>Log rotation: <\/strong>Enable LogRotate in clamd.conf or integrate with your system\u2019s logrotate to prevent log growth.<\/li>\n\n\n\n<li><strong>Resource limits:<\/strong> If I\/O-bound, throttle scans via cron timing and smaller batches; if CPU-bound, schedule off-peak hours and reduce parallel jobs.<\/li>\n\n\n\n<li><strong>Secure updates: <\/strong>Keep FreshClam enabled; investigate errors promptly to avoid stale signatures.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"verify-protection-with-eicar-test-and-troubleshooting\"><strong>Verify Protection with EICAR Test and Troubleshooting<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"test-detection-eicar\"><strong>Test Detection (EICAR)<\/strong><\/h3>\n\n\n\n<p><strong>Download the harmless EICAR test file to confirm detection:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>curl -o \/tmp\/eicar.com.txt https:\/\/secure.eicar.org\/eicar.com.txt\nsudo clamdscan -i \/tmp\/eicar.com.txt\n# Expected: FOUND and moved\/deleted if configured\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"common-issues-and-fixes\"><strong>Common Issues and Fixes<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Permission denied: <\/strong>Run scans with sudo for system paths; ensure clamd\u2019s socket and log dirs are owned by the ClamAV user.<\/li>\n\n\n\n<li><strong>FreshClam errors: <\/strong>Check network\/DNS; run sudo freshclam to see explicit errors; ensure only one FreshClam instance runs.<\/li>\n\n\n\n<li><strong>Daemon not starting: <\/strong>Validate clamd.conf paths and sockets; remove stale sockets (FixStaleSocket yes); check systemctl logs.<\/li>\n\n\n\n<li><strong>High I\/O or CPU: <\/strong>Narrow target paths, increase exclusions, or split scans into smaller cron jobs.<\/li>\n\n\n\n<li><strong>False positives: <\/strong>Quarantine instead of deleting; review signatures and restore clean files if needed.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"real-world-use-cases-and-integrations\"><strong>Real-World Use Cases and Integrations<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Web hosting: <\/strong>Scan WordPress uploads and plugin directories to catch injected PHP malware or webshells.<\/li>\n\n\n\n<li><strong>Mail servers: <\/strong>Integrate ClamAV with your MTA (e.g., Postfix + Amavis) to scan inbound attachments.<\/li>\n\n\n\n<li><strong>CI\/CD pipelines: <\/strong>Scan build artifacts or container layers before promotion to production.<\/li>\n\n\n\n<li><strong>With Linux Malware Detect (Maldet):<\/strong> If maldet is installed, it can use ClamAV\u2019s engine to improve detection speed.<\/li>\n\n\n\n<li><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"complete-example-from-zero-to-protected\"><strong>Complete Example: From Zero to Protected<\/strong><\/h2>\n\n\n\n<p><strong>Here\u2019s a concise sequence that works on most servers:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># 1) Install\n# Debian\/Ubuntu\nsudo apt update &amp;&amp; sudo apt install -y clamav clamav-daemon clamav-freshclam\n# RHEL-family\nsudo dnf install -y epel-release &amp;&amp; sudo dnf install -y clamav clamd clamav-update\n\n# 2) Seed signatures and enable updates\nsudo systemctl stop clamav-freshclam 2&gt;\/dev\/null || true\nsudo freshclam\nsudo systemctl enable --now clamav-freshclam 2&gt;\/dev\/null || sudo systemctl enable --now freshclam\n\n# 3) Configure logging and exclusions\nsudo mkdir -p \/var\/log\/clamav \/var\/quarantine\nsudo chown -R clamav:clamav \/var\/log\/clamav \/var\/quarantine\n# Edit clamd.conf or scan.conf accordingly (see above)\n\n# 4) Enable daemon\nsudo systemctl enable --now clamav-daemon 2&gt;\/dev\/null || sudo systemctl enable --now clamd@scan\n\n# 5) First scan\nsudo clamdscan -i --move=\/var\/quarantine \/var\/www\n\n# 6) Schedule scans\necho '02 3 * * * root clamdscan -i --log=\/var\/log\/clamav\/daily.log \/var\/www' | sudo tee -a \/etc\/crontab\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs-configure-clamav-on-linux-server\"><strong>FAQs: Configure ClamAV on Linux Server<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765606635200\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"is-clamav-sufficient-for-linux-server-protection\"><strong>Is ClamAV sufficient for Linux server protection?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>ClamAV is excellent for detecting known malware and scanning files at rest or in transit (mail, uploads). For layered security, combine it with a firewall, fail2ban, a WAF (e.g., ModSecurity), secure configs, and timely patching. Many hosts pair ClamAV with malware detection tools like Maldet and integrity monitoring.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765606646632\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-schedule-automatic-clamav-scans\"><strong>How do I schedule automatic ClamAV scans?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use cron to run clamdscan or clamscan at off-peak hours. For example, add a daily job in \/etc\/crontab and log results to \/var\/log\/clamav\/. FreshClam typically runs as a systemd service by default, so you don\u2019t need a separate update cron.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765606654615\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"does-clamav-support-real-time-on-access-scanning\"><strong>Does ClamAV support real-time (on-access) scanning?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes, via clamonacc with fanotify support. It can monitor paths like \/var\/www for file events. Start with narrow include paths to limit overhead, and run it as a systemd service if your distribution provides a unit or create one manually.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765606664615\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"what-directories-should-i-exclude-from-clamav-scans\"><strong>What directories should I exclude from ClamAV scans?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Exclude virtual and ephemeral paths like \/proc, \/sys, \/dev, and heavy container layers like \/var\/lib\/docker\/overlay2. Consider excluding large cache directories. Always scan web roots, user uploads, and mail queues where risk is highest.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765606673815\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-can-i-test-that-clamav-is-working-correctly\"><strong>How can I test that ClamAV is working correctly?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Download the harmless EICAR test file and scan it. You should see a detection event and, if configured, the file moved to quarantine. Also check clamd and FreshClam service status, logs in \/var\/log\/clamav\/, and verify that scheduled scans generate reports.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"conclusion\"><strong>Conclusion<\/strong><\/h2>\n\n\n\n<p>Configuring ClamAV on a Linux server is straightforward: keep signatures fresh, run clamd for speed, scan the right paths, and automate. With on-access monitoring and sensible exclusions, you\u2019ll balance security and performance. Need a managed, security-first stack? YouStable can deploy, tune, and maintain ClamAV as part of a complete server hardening strategy.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>To configure ClamAV on a Linux server in 2026, install the ClamAV engine and daemon, update signatures with FreshClam, tune [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":15614,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[350],"tags":[],"class_list":["post-12803","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Configure-ClamAV-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12803","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=12803"}],"version-history":[{"count":5,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12803\/revisions"}],"predecessor-version":[{"id":15616,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12803\/revisions\/15616"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/15614"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=12803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=12803"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=12803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}