How to Install ClamAV on CentOS 7

How to Install ClamAV on CentOS 7

Do you want to protect your VPS from dangerous malware and viruses? You can easily do that by installing an antivirus. There are plenty of options out there, but we recommend installing ClamAV on your private server. It’s a great open-source antivirus solution against trojans, malware, and other security threats.

In this article, you will learn how to install ClamAV on CentOS 7 for better server protection!

Why Do You Need Antivirus on Linux Server?

While Linux is known to be one of the more secure operating systems, that doesn’t mean it is impenetrable to virus attacks. One study has shown that 36% of total top malware cases in Q1 2017 were reported on Linux systems. What’s worse, is that these numbers are not going down.

It also states that 82% of the attacks target web servers. That’s more than enough to alert anyone about their VPS and server security. Therefore, you need an antivirus to give your system better online protection.

Thankfully, we have ClamAV, one of the best Linux security solutions to get rid of numerous malware threats. It’s reliable, easy to set up, and free. You can also install other security tools like a firewall or instruction detection and prevention systems (IDS/IPS).

Just keep in mind that this guide will show you how to install ClamAV on CentOS 7 distribution. If you want to learn more about how to install IDS/IPS, check out our tutorial on configuring Suricata on Ubuntu.

Before we begin, make sure that you have root access to your CentOS 7 server or VPS. For Hostinger virtual server hosting users, the required credential can be found on the Servers tab in hPanel.

Additionally, you need to know how to use Putty (Windows) or Terminal (macOS, Linux) to establish the SSH connection.

How to Install ClamAV on CentOS 7

We’ll divide this tutorial into three steps – installing ClamAV on CentOS 7, configuring SELinux, and configuring ClamAV. So, let’s get started!

Important! CentOS Linux 8 has reached it’s End of Lifetime (EOL) on 2021-12-31. While CentOS Linux 7 is still supported, it will reach EOL on 2024-06-30. We recommend keeping that in mind when choosing this OS. You can read more about it in their official website.

1. Installing ClamAV on CentOS 7

  1. By default, ClamAV doesn’t come prepackaged in the CentOS software repository. We have to add the additional repository by running yum commands one after the other:
    sudo yum -y install epel-release
    sudo yum clean all
  2. Now, it’s time to install ClamAV on CentOS 7. Simply run the following command:
    sudo yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

You have installed ClamAV, but we still need to make several additional configurations to make it work properly.

2. Configuring SELinux

SELinux is a security measure aimed at protecting changes to some files. Additional configuration is required if you want to use ClamAV with enabled SELinux kernel module. Otherwise, ClamAV will not be able to read certain sections of your files.

Configuring SELinux is only necessary if your server has SELinux enabled. On Hostinger VPS plans, it is disabled by default.
In order to check if your server has SELinux enabled, use the command sestatus.

  1. To configure SELinux, execute the following commands one by one:
    sudo setsebool -P antivirus_can_scan_system 1
    sudo setsebool -P clamd_use_jit 1
  2. Next, you have to verify the changes:
    sudo getsebool -a | grep antivirus

    You should get this result:

    antivirus_can_scan_system --> on
    antivirus_use_jit --> off

Once ClamAV is ready to run alongside SELinux, it is time to configure the antivirus.

3. Configuring ClamAV

  1. Before you can enable ClamAV configuration, you need to remove Example string from the configuration file using the sed command:
    sudo sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
  2. Next, you will have to specify the server type. Open the configuration file using your favorite text editor. In this example, we will use nano. If it’s not already installed, you can do it using yum:
    sudo yum install nano -y

    Next, open the configuration file:

    sudo nano /etc/clamd.d/scan.conf

    Find the following line:

    #LocalSocket /var/run/clamd.scan/clamd.sock

    Remove the # symbol and save your changes.

  3. Now, remove Example string from ClamAV’s freshclam update engine configuration file:
    sudo sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
  4. Once that’s done, you can run virus definition database update:
    sudo freshclam

    You should get a similar output:

    ClamAV update process started at Tue Dec  19 09:30:20 2016
    main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
    Trying host database.clamav.net (69.163.100.14)...
    Downloading daily.cvd [100%]
    daily.cvd updated (version: 22739, sigs: 1100989, f-level: 63, builder: neo)
    Downloading bytecode-279.cdiff [100%]
    Downloading bytecode-280.cdiff [100%]
    Downloading bytecode-281.cdiff [100%]
    Downloading bytecode-282.cdiff [100%]
    Downloading bytecode-283.cdiff [100%]
    bytecode.cld updated (version: 285, sigs: 57, f-level: 63, builder: bbaker)
    Database updated (5319836 signatures) from database.clamav.net (IP: 168.143.19.95)
  5. Lastly, start Clamd service and run it on boot:
    sudo systemctl start clamd@scan
    sudo systemctl enable clamd@scan

Conclusion

Viruses can harm computers and even web servers at any given time, regardless of what operating system you’re using. Therefore, if you own a Linux VPS or a server, you must install an antivirus to protect it from malicious attacks.

You’ve learned how to install ClamAV on CentOS 7 using the command line. Let’s review the steps once more:

  1. Download the EPEL repository and install ClamAV on CentOS 7.
  2. Configure SELinux to make sure ClamAV can thoroughly read all of your files.
  3. Configure ClamAV and start the service.

That’s it! Feel free to leave a comment below if you have any questions.

Author
The author

Edgaras G.

Edgaras is a veteran server administrator at Hostinger. He makes sure that every server runs at full throttle and has all the latest technological advancements. When he's not working, Edgaras enjoys skiing and exploring the world.