How to run ClamAV and Maldet together on cPanel server?

You may be familiar with ClamAV and Maldet scanner (aka Linux Malware Detect). They're widely known as two excellent choices for identifying malware on Linux environment. What you may not realize, is that they can be team up together. The benefit of doing this is a faster, more effective malware scan, meaning; you're more likely to identify potential threats. This tutorial is based on cPanel/WHM system. We will install and configure both ClamAV and Maldet (LMD).

 

Installing ClamAV

 

Click here for complete steps of installing ClamAV from cPanel/WHM.

Installing Maldet

 

  1. Login into your VPS via SSH as the root user.

  2. Run below commands to install LMD (Linux Malware Detect).

    cd /usr/local/src/ 
    wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
    tar -xzf maldetect-current.tar.gz
    cd maldetect-*
    sh ./install.sh

 

Linking both ClamAV and Maldet together for the best performance

 

If you were to run a Linux Malware Detect scan now, it would run with no problem, however, it would not include ClamAV's definitions, therefore slowing down the scan completion time and threat detection ratio. To solve this, we must create two symbolic links, as follows:

 

 
ln -s /usr/local/cpanel/3rdparty/bin/clamscan /usr/local/bin/clamscan
ln -s /usr/local/cpanel/3rdparty/bin/freshclam /usr/local/bin/freshclam

 

Running a malware scan

 

Now when you run Maldet scan, it will also include the definition of ClamAV. If you wanted to run a malware scan of /home, you just need to run below command.

 

maldet -a /home/?

 

The above command will scan all files and directories within the /home directory, which is where the content for cPanel accounts is stored.

  • 1 Users Found This Useful

Was this answer helpful?

Related Articles

How to Install FTP on Ubuntu 18.04?

FTP stands for File Transfer Protocol used to share files/folders from one server to another...

How do I enable apache file and directory indexing in Linux or UNIX?

There are 2 ways to enable apache file and directory indexing. Using Apache config file : You...

Can I open APN port 2195 on my VPS?

You will get full administrative control of your VPS, therefore you can surely open/close any...

How to install Dotnet Core on Centos 7 ?

Dotnet Core is now available with the Linux OS. Following are the steps to install Dotnet Core on...

How to install the Zabbix agent version 4.0 on Debian 9 (strech)?

Zabbix is an Open-source monitoring tool use to monitor the health of servers, networks and other...