ClamAV is one of the most popular anti-virus plugin available for cPanel servers. If ClamAV plugin is installed in WHM server, individual cPanel users can also scan their home directory, emails, FTP directory from cPanel itself.
Step 1 :
Login to your Linux machine via SSH.
Step 2 :
Run the following command to scan specific cPanel user’s public_html directory. Make sure you replace actual cPanel username with “username” in following command. This command is useful when the specific cPanel account is infected and you want it to scan.
clamscan -ri /home/username/public_html
The flag -r denotes recursive file checking.
The flag -i will show only infected files.
Once scan is finished, you will be given Scan Summary report with list of infected files if any.
Step 3 :
To scan the public_html directory of all cPanel accounts, issue following command.
clamscan -ri /home/*/public_html
Step 4 :
To run the clamscan command to all cPanel accounts, issue following command.
clamscan -ri /home
Step 5 :
Issue following command to run the clamscan to remove infected files while scanning public_html directory of all cPanel accounts.
clamscan -ri –remove /home/*/public_html