ClamAV is a free open-source antivirus engine for detecting trojans, viruses, malware, and other malicious threats. While Linux servers are less susceptible to viruses than Windows, ClamAV is essential for scanning files from mixed environments. This guide installs ClamAV on Ubuntu 24.04 LTS.
Tested and valid on:
- Ubuntu 24.04 LTS
Prerequisites
- Ubuntu 24.04 LTS server
- A user with sudo privileges
Step 1 – Install ClamAV
Install ClamAV and the daemon:
sudo apt update
sudo apt install clamav clamav-daemon -yStep 2 – Update the Virus Database
Stop the daemon, update definitions, then restart:
sudo systemctl stop clamav-freshclam
sudo freshclam
sudo systemctl start clamav-freshclamStep 3 – Enable Automatic Database Updates
The freshclam service checks for updates automatically. Enable and start it:
sudo systemctl enable clamav-freshclam
sudo systemctl start clamav-freshclamStep 4 – Run a Manual Scan
Scan the home directory and log results:
sudo clamscan -r /home --log=/var/log/clamav-scan.logScan and remove infected files (use with caution):
sudo clamscan -r --remove /var/www/htmlStep 5 – Enable the ClamAV Daemon
Enable on-access scanning with the daemon:
sudo systemctl enable clamav-daemon
sudo systemctl start clamav-daemonStep 6 – Automate Scans with Cron
Schedule a daily scan:
echo '0 3 * * * root clamscan -r /home --log=/var/log/clamav-daily.log' | sudo tee /etc/cron.d/clamav-dailyStep 7 – Check Scan Logs
Review the latest scan log:
sudo tail -50 /var/log/clamav-scan.log | grep -E 'FOUND|ERROR|Infected'Conclusion
ClamAV is now installed and running on Ubuntu 24.04 LTS with automatic virus definition updates. Use it to scan upload directories, mail attachments, and web application file shares.
