https://www.apt-upgrade.me

- Keep me up to date -

IT Security Linux

πŸ›‘οΈ Getting ClamAV Daemon to Play Nice with Nextcloud’s Antivirus App (Like a True Nerd)

Byraphael

Jul 13, 2025 #antivirus, #Apache, #clamav, #clamd, #clamdscan, #cron jobs, #cyber security, #Debian, #eicar test, #file scanning, #home lab, #Linux, #Monitoring, #Nerd Life, #Nextcloud, #nginx, #Open Source, #php, #self-hosted, #server setup, #shell commands, #smart cloud, #Sysadmin, #tcp socket, #unix socket, #virus protection

If you’re like me and want your Nextcloud to scream the moment something shady shows up in your files, then you’re probably using the Antivirus for Files app. But here’s the twist: for performance and true sysadmin joy, you don’t want clamscan. You want the big guns β€” the ClamAV Daemon using a local Unix socket.

βš™οΈ Step 1: Install ClamAV and the Daemon

sudo apt update
sudo apt install clamav clamav-daemon -y

This installs the scanner and the background daemon β€” the dream team of file hygiene.

πŸ”„ Step 2: Update the Virus Definitions (Feed the Beast)

sudo systemctl stop clamav-freshclam
sudo freshclam
sudo systemctl start clamav-freshclam

Don’t scan with stale signatures. That’s like fighting dragons with butter knives.

🎩 Step 3: Start the Daemon

sudo systemctl enable clamav-daemon
sudo systemctl start clamav-daemon
sudo systemctl status clamav-daemon

At this point, the daemon should be purring quietly in the background, waiting to strike at evil bits and bytes.

πŸ“Ž Step 4: Check the Socket

ls -l /var/run/clamav/clamd.ctl

This is the local Unix socket that clamdscan uses to talk to clamd. It’s like a high-speed private hotline just for your cloud’s immune system.

πŸ‘€ Step 5: Give Nextcloud Access to the Socket

sudo usermod -a -G clamav www-data
sudo systemctl restart clamav-daemon
sudo systemctl restart apache2   # or nginx/php-fpm depending on your setup

This lets the webserver access the socket β€” no root privileges required, just proper group membership.

πŸ”Œ Step 6: Configure the Antivirus App in Nextcloud

  • Mode: ClamAV Daemon (Socket)
  • Socket: /var/run/clamav/clamd.ctl

 

πŸ§ͺ Step 7: Test Like a Nerd

wget https://secure.eicar.org/eicar.com.txt -O /tmp/eicar.txt
clamdscan /tmp/eicar.txt

Expected result:

/tmp/eicar.txt: Eicar-Test-Signature FOUND

If you see this, your setup is working beautifully. πŸ‘Œ

πŸ’Œ Optional: Tune Antivirus Settings in Nextcloud

  • β€œAction when infected files are found”: set to Block
  • β€œBlock encrypted archives”: enable to avoid sneaky zip bombs
  • Make sure your Nextcloud is using cron for background scanning

βœ… Final Thoughts

No TCP, no containers, no drama β€” just a good old-fashioned local daemon scanning your files like it’s 1999. Reliable. Fast. Nerd-approved.

Mission status: virus slayer operational. πŸ§ βš”οΈ

By raphael

Related Post

IT Security Linux

πŸ” Apache under AppArmor: A Clean Static Profile Setup on Debian 12

Jul 15, 2025 raphael
Linux OpenSource

πŸš€ Moving a Grown-Up Nextcloud Instance to a Fresh Server (with Bash & Ansible)

Jul 15, 2025 raphael
Linux OpenSource

πŸ›‘οΈ Nextcloud Backup Like a Pro – Automated with Bash

Jul 11, 2025 raphael

Leave a Reply

You missed

IT Security Linux

πŸ” Apache under AppArmor: A Clean Static Profile Setup on Debian 12

15. July 2025 raphael
Linux OpenSource

πŸš€ Moving a Grown-Up Nextcloud Instance to a Fresh Server (with Bash & Ansible)

15. July 2025 raphael
IT Security Linux

πŸ›‘οΈ Getting ClamAV Daemon to Play Nice with Nextcloud’s Antivirus App (Like a True Nerd)

13. July 2025 raphael
Photovoltaics

⚑ Firmware Upgrade on My Fronius Inverter β€” a Nerd’s Delight

13. July 2025 raphael