Installing ClamAV on CentOS 8.2 and configuring it to scan your server regularly is a pretty easy process. While there are better commercial virus scanners available with real-time scanning etc, ClamAV is completely free and is great for scanning your server on a regular basis for some peace of mind.
In this guide I’ll walk through the process of installing ClamAV on CentOS, configuring regular scans and updates, and configuring email alerts so you can be made aware in the event of ClamAV finding a virus on your server. I’ll also make a guide soon with instructions on how to have ClamAV scan emails for Postfix.
Before you can install ClamAV, you’ll need to add the EPEL repo to your server. You can do this by running the command below. You’ll need to trust the certificate on the first install too.
sudo yum install epel-release && yum update
Next, you’ll need to install ClamAV and other associated software:
sudo yum install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd
You’ll then be asked if you wish to download and install the packages listed above, just type y and press enter.
# Is this ok [y/d/N]: y
That’s it – ClamAV is now installed on your server. The next step is to install the latest definitions. You can do this by simply typing freshclam:
Configure ClamAV with SELinux
Simply run the following command to register ClamAV with SELinux:
setsebool -P antivirus_can_scan_system 1
Now ClamAV is installed, you can configure cronjobs for scanning and updating definitions. Tip: Use clamdscan for quicker scans.