cPanel is essentially a simplified interface for hosting a website. Clients and end users are often given or buy cPanel so they don’t have to continually engage the services of an IT and web expert to keep their website running. The developing team for the website can essentially set you up with a better user interface that lets you control most of the functions and capabilities of your website without needing to open the command console.
Along with your cPanel license, you also get built-in anti-virus through ClamAV. While you may think that this is a great value, some users find that their website still experiences attacks and is vulnerable to threats even with ClamAV.
Craxyboutlinux posted on the cPanel forums:
Please don’t suggest me ClamAV its really poor, recently our client’s website got Hacked by the hackers & i scanned that website to check how many pages are infected, but ClamAV says website is OK
Still, ClamAV does handle some threats, if not all. To make sure that you have ClamAV installed to offer some initial virus protection, here are the steps:
ClamAV Scanner configuration
To configure ClamAV Scanner:
Here’s how to configure ClamAV scanner for configured users:
If you wish to override the ClamAV Scanner configuration for specific users, click User Configuration. The User Configuration interface also allows you to set override defaults for all configured users.
Add or remove configured users
Before you can configure a user’s ClamAV Scanner settings, that user must appear on the Configured Users menu.
To add a user to the Configured Users menu:
To remove a user from the Configured Users menu:
ClamAV and Malware
Keep in mind that just like any other anti-virus protection software, ClamAV has its limitations. Sometimes, other software can be added to cover all your bases. When it comes to malware, here’s what the experts have to say:
Malware uploads happen to the server through two main vulnerabilities:
1. Account password disclosure
2. Vulnerable applications in websites
Malware uploads through account password disclosure can be prevented using CXS (augmented by ClamAV unofficial signatures + LMD signatures).
Malware uploads through vulnerable applications can be prevented using mod_security (with signatures from ASL Lite).