Purpose
ClamAV scans files and email for known malware signatures. It is useful for detecting infected uploads, suspicious email attachments, and compromised website files.
Setup ideas
- Install or enable ClamAV from WHM where supported.
- Keep signature updates working.
- Schedule scans for user home directories during low-traffic periods.
- Decide whether detections are quarantined, reported, or manually reviewed.
- Educate customers that malware cleanup may require code review, password resets, and software updates.
Limits
Antivirus scanning is not a complete web security strategy. Outdated WordPress plugins, weak passwords, insecure file permissions, and vulnerable scripts can reinfect a site after files are cleaned.
Security baseline
- Use strong unique passwords.
- Enable two-factor authentication.
- Keep software updated.
- Remove unused users, scripts, themes, and plugins.
- Review logs after suspicious activity.
- Use backups before cleanup or repair.
Quick support handoff
If this article does not solve the issue, open a support ticket with the domain, service name, exact error, time the problem started, and what changed recently.
