https://www.apt-upgrade.me

- Keep me up to date -

IT Security Linux

๐Ÿ›ก๏ธ Getting ClamAV Daemon to Play Nice with Nextcloud’s Antivirus App (Like a True Nerd)

Byraphael

Jul 13, 2025 #antivirus, #Apache, #clamav, #clamd, #clamdscan, #cron jobs, #cyber security, #Debian, #eicar test, #file scanning, #home lab, #Linux, #Monitoring, #Nerd Life, #Nextcloud, #nginx, #Open Source, #php, #self-hosted, #server setup, #shell commands, #smart cloud, #Sysadmin, #tcp socket, #unix socket, #virus protection

If you’re like me and want your Nextcloud to scream the moment something shady shows up in your files, then you’re probably using the Antivirus for Files app. But here’s the twist: for performance and true sysadmin joy, you don’t want clamscan. You want the big guns โ€” the ClamAV Daemon using a local Unix socket.

โš™๏ธ Step 1: Install ClamAV and the Daemon

sudo apt update
sudo apt install clamav clamav-daemon -y

This installs the scanner and the background daemon โ€” the dream team of file hygiene.

๐Ÿ”„ Step 2: Update the Virus Definitions (Feed the Beast)

sudo systemctl stop clamav-freshclam
sudo freshclam
sudo systemctl start clamav-freshclam

Don’t scan with stale signatures. Thatโ€™s like fighting dragons with butter knives.

๐ŸŽฉ Step 3: Start the Daemon

sudo systemctl enable clamav-daemon
sudo systemctl start clamav-daemon
sudo systemctl status clamav-daemon

At this point, the daemon should be purring quietly in the background, waiting to strike at evil bits and bytes.

๐Ÿ“Ž Step 4: Check the Socket

ls -l /var/run/clamav/clamd.ctl

This is the local Unix socket that clamdscan uses to talk to clamd. Itโ€™s like a high-speed private hotline just for your cloudโ€™s immune system.

๐Ÿ‘ค Step 5: Give Nextcloud Access to the Socket

sudo usermod -a -G clamav www-data
sudo systemctl restart clamav-daemon
sudo systemctl restart apache2   # or nginx/php-fpm depending on your setup

This lets the webserver access the socket โ€” no root privileges required, just proper group membership.

๐Ÿ”Œ Step 6: Configure the Antivirus App in Nextcloud

  • Mode: ClamAV Daemon (Socket)
  • Socket: /var/run/clamav/clamd.ctl

 

๐Ÿงช Step 7: Test Like a Nerd

wget https://secure.eicar.org/eicar.com.txt -O /tmp/eicar.txt
clamdscan /tmp/eicar.txt

Expected result:

/tmp/eicar.txt: Eicar-Test-Signature FOUND

If you see this, your setup is working beautifully. ๐Ÿ‘Œ

๐Ÿ’Œ Optional: Tune Antivirus Settings in Nextcloud

  • โ€œAction when infected files are foundโ€: set to Block
  • โ€œBlock encrypted archivesโ€: enable to avoid sneaky zip bombs
  • Make sure your Nextcloud is using cron for background scanning

โœ… Final Thoughts

No TCP, no containers, no drama โ€” just a good old-fashioned local daemon scanning your files like itโ€™s 1999. Reliable. Fast. Nerd-approved.

Mission status: virus slayer operational. ๐Ÿง โš”๏ธ

By raphael

Related Post

Linux

๐Ÿ”„ Rethinking the Plan (Again)

Mar 5, 2026 raphael
IT Security Linux

๐Ÿง  Operating Community Nextcloud Instances with Ansible, AlmaLinux, SELinux and a Podman-based Collabora Stack

Feb 26, 2026 raphael
General Linux

Today Iโ€™d like to sing a praise song to the Asus NUCs (formerly Intel NUCs) ๐ŸŽถ๐Ÿ’ป

Feb 20, 2026 raphael

Leave a Reply

You missed

Linux

๐Ÿ”„ Rethinking the Plan (Again)

5. March 2026
IT Security Linux

๐Ÿง  Operating Community Nextcloud Instances with Ansible, AlmaLinux, SELinux and a Podman-based Collabora Stack

26. February 2026
General

Homelab Thermals: Now With Extra Fan

25. February 2026
General Linux

Today Iโ€™d like to sing a praise song to the Asus NUCs (formerly Intel NUCs) ๐ŸŽถ๐Ÿ’ป

20. February 2026