Virus Scan¶
Introduction¶
1Panel uses ClamAV for virus scanning. ClamAV is an open-source (GPLv2 licensed) antivirus toolkit specifically designed for scanning emails on mail gateways. It offers a variety of practical tools, including a flexible and extensible multi-threaded daemon, a command-line scanner, and advanced tools for automatically updating databases. The core of this toolkit is an antivirus engine provided in the form of a shared library.
Requirement¶
The minimum recommended spec for ClamAV is
- CPU requirement: 1 CPU, 2.0 Ghz+;
- Memory requirement: 3 GiB+;
- Disk space: At least 5GiB of available disk space.
Installing ClamAV¶
- Install the EPEL repository
yum install -y epel-release
- Install ClamAV
yum install -y clamav clamd clamav-update
- Modify the ClamAV configuration file by uncommenting the following lines in
/etc/clamd.d/scan.conf
.LogFile /var/log/clamd.scan LogFileMaxSize 2M PidFile /run/clamd.scan/clamd.pid DatabaseDirectory /var/lib/clamav LocalSocket /run/clamd.scan/clamd.sock
- Modify the clamav-freshclam configuration file by uncommenting the following lines in
/etc/freshclam.conf
.DatabaseDirectory /var/lib/clamav UpdateLogFile /var/log/freshclam.log PidFile /var/run/freshclam.pid DatabaseMirror database.clamav.net Checks 12
- Start the ClamAV service
systemctl start [email protected] systemctl start clamav-freshclam.service
- Enable ClamAV to start at boot
systemctl enable [email protected] systemctl enable clamav-freshclam.service
- Check the status of the ClamAV service
systemctl status [email protected] systemctl status clamav-freshclam.service
- Install ClamAV
sudo apt install clamav clamav-daemon -y
- Start the ClamAV service
sudo systemctl start clamav-daemon sudo systemctl start clamav-freshclam.service
- Enable ClamAV to start at boot
sudo systemctl enable clamav-daemon sudo systemctl enable clamav-freshclam.service
- Check the status of the ClamAV service
sudo systemctl status clamav-daemon sudo systemctl status clamav-freshclam.service
Scan task¶
When creating a scan task, you can specify the scan directory and the strategy for handling infected files.
The following handling strategies are currently supported for infected files after scanning:
- No action
- Delete the file
- Move the file to a quarantine directory
- Copy the file to a quarantine directory
Tips
By clicking the Trigger
button in the operation column, you can manually execute the scan task. Clicking the Records
button allows you to view the execution records and scan results of the scan task.