Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
cPanel ClamAV Cron Job
#!/bin/sh
for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do
SUBJECT="VIRUS SCAN ${i}"
EMAIL="youremail@yourdomain.com"
# Log location
LOG="/var/log/clamav/${i}-scan.log"
# Quarantine location
QUARANTINE="/home/${i}/quarantine/"
# make a directory for our log and quarantine if one does not exist
mkdir -p $QUARANTINE
mkdir -p "/var/log/clamav/"
# remove old log
rm $LOG &>/dev/null
#ready a new log
touch $LOG
check_scan () {
# Check if our "Infected" count is 0 and send an email if its not.
if [ `tail -n 12 ${LOG} | grep Infected | grep -v 0 | wc -l` != 0 ]
then
EMAILMESSAGE=`mktemp /tmp/virus-alert-${i}`
echo "To: ${EMAIL}" >> ${EMAILMESSAGE}
echo "From: alert@hostname.tld" >> ${EMAILMESSAGE}
echo "Subject: ${SUBJECT}" >> ${EMAILMESSAGE}
echo "Importance: High" >> ${EMAILMESSAGE}
echo "X-Priority: 1" >> ${EMAILMESSAGE}
echo "`tail -n 100 ${LOG}`" >> ${EMAILMESSAGE}
sendmail -t < ${EMAILMESSAGE}
fi
}
/usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i --exclude=${QUARANTINE} --quiet --infected --log=${LOG} --move=${QUARANTINE};
check_scan
done >> /root/infections&
@jrxpress

This comment has been minimized.

Copy link

commented Apr 1, 2019

this is my new version .. I've better adapted to work on my server... I would like to share with you !!

https://gist.github.com/jrxpress/8981f3d984eeff0578e1dfd995fb9b54

-- replaced "sendmail" to "mail"
-- DIRTOSCAN based to user account path like: /home, home2, home3 etc..
-- properly chmod permissions for user and logs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.