Skip to content

Instantly share code, notes, and snippets.

@kevinchappell kevinchappell/clamav.cron
Created Dec 6, 2015

Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
cPanel ClamAV Cron Job
Raw
clamav.cron
#!/bin/sh
for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do
SUBJECT="VIRUS SCAN ${i}"
EMAIL="youremail@yourdomain.com"
# Log location
LOG="/var/log/clamav/${i}-scan.log"
# Quarantine location
QUARANTINE="/home/${i}/quarantine/"
# make a directory for our log and quarantine if one does not exist
mkdir -p $QUARANTINE
mkdir -p "/var/log/clamav/"
# remove old log
rm $LOG &>/dev/null
#ready a new log
touch $LOG
check_scan () {
# Check if our "Infected" count is 0 and send an email if its not.
if [ `tail -n 12 ${LOG} | grep Infected | grep -v 0 | wc -l` != 0 ]
then
EMAILMESSAGE=`mktemp /tmp/virus-alert-${i}`
echo "To: ${EMAIL}" >> ${EMAILMESSAGE}
echo "From: alert@hostname.tld" >> ${EMAILMESSAGE}
echo "Subject: ${SUBJECT}" >> ${EMAILMESSAGE}
echo "Importance: High" >> ${EMAILMESSAGE}
echo "X-Priority: 1" >> ${EMAILMESSAGE}
echo "`tail -n 100 ${LOG}`" >> ${EMAILMESSAGE}
sendmail -t < ${EMAILMESSAGE}
fi
}
/usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i --exclude=${QUARANTINE} --quiet --infected --log=${LOG} --move=${QUARANTINE};
check_scan
done >> /root/infections&
@jrxpress

This comment has been minimized.

Sign in to view
Copy link

jrxpress commented Apr 1, 2019

this is my new version .. I've better adapted to work on my server... I would like to share with you !!

https://gist.github.com/jrxpress/8981f3d984eeff0578e1dfd995fb9b54

-- replaced "sendmail" to "mail"
-- DIRTOSCAN based to user account path like: /home, home2, home3 etc..
-- properly chmod permissions for user and logs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.