20 Dec How to run ClamAV to scan all cpanel account from root by SSH
In this article, we’ll discuss how to run ClamAV scan via SSH in cPanel/WHM server. ClamAV is one of the most popular anti-virus plugin available for cPanel servers. If ClamAV plugin is installed in WHM server, individual cPanel users can also scan their home directory, emails, FTP directory from cPanel itself.
- Login to your Linux machine via SSH.
- Run the following command to scan specific cPanel user’s public_html directory. Make sure you replace actual cPanel username with “username” in following command. This command is useful when the specific cPanel account is infected and you want it to scan.
Shell1/usr/local/cpanel/3rdparty/bin/clamscan -ri /home/username/public_html
The flag -r denotes recursive file checking.
The flag -i will show only infected files.
Once scan is finished, you will be given Scan Summary report with list of infected files if any.
- To scan the public_html directory of all cPanel accounts, issue following command.
Shell1/usr/local/cpanel/3rdparty/bin/clamscan -ri /home/*/public_html
- To run the clamscan command to all cPanel accounts, issue following command.
Shell1/usr/local/cpanel/3rdparty/bin/clamscan -ri /home
- Issue following command to run the clamscan to remove infected files while scanning public_html directory of all cPanel accounts.
Shell1/usr/local/cpanel/3rdparty/bin/clamscan -ri --remove=yes /home/*/public_html
Shell1clamscan -ri --remove=yes /home/*/public_html