cPanel ClamAV Cron Job

clamav.cron

#!/bin/sh

for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do
  
  SUBJECT="VIRUS SCAN ${i}"
  EMAIL="youremail@yourdomain.com"
  
  # Log location
  LOG="/var/log/clamav/${i}-scan.log"
  # Quarantine location
  QUARANTINE="/home/${i}/quarantine/"

  # make a directory for our log and quarantine if one does not exist
  mkdir -p $QUARANTINE
  mkdir -p "/var/log/clamav/"

  # remove old log
  rm $LOG &>/dev/null

  #ready a new log
  touch $LOG

  check_scan () {
      # Check if our "Infected" count is 0 and send an email if its not.
      if [ `tail -n 12 ${LOG}  | grep Infected | grep -v 0 | wc -l` != 0 ]
      then
          EMAILMESSAGE=`mktemp /tmp/virus-alert-${i}`
          echo "To: ${EMAIL}" >>  ${EMAILMESSAGE}
          echo "From: alert@hostname.tld" >>  ${EMAILMESSAGE}
          echo "Subject: ${SUBJECT}" >>  ${EMAILMESSAGE}
          echo "Importance: High" >> ${EMAILMESSAGE}
          echo "X-Priority: 1" >> ${EMAILMESSAGE}
          echo "`tail -n 100 ${LOG}`" >> ${EMAILMESSAGE}
          sendmail -t < ${EMAILMESSAGE}
      fi
  }

  /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i --exclude=${QUARANTINE} --quiet --infected --log=${LOG} --move=${QUARANTINE};
  check_scan

done >> /root/infections&

this is my new version .. I've better adapted to work on my server... I would like to share with you !!

https://gist.github.com/jrxpress/8981f3d984eeff0578e1dfd995fb9b54

-- replaced "sendmail" to "mail"
-- DIRTOSCAN based to user account path like: /home, home2, home3 etc..
-- properly chmod permissions for user and logs