Virus scanning for file uploads with clamav/php

Download and install the following packages, in case your repository has those package just use the management tool to install.


# apt-get install clamav clamav-db clamd clamav-devel php-devel


# yum install php-devel
# wget
# wget
# wget
# wget
# rpm -Uvh clam*
# freshclam
# service clamd start

Configure php-clamav

Download php-clamav from from

# wget
# tar xvzf php-clamav_0.15.7.tar.gz
# cd php-clamav-0.15.7/
# phpize
#./configure –with-clamav
# make
# cp modules/ /usr/lib/php/modules/

Add the modules to php.ini if required.

Make sure the module is loaded

# php -i | grep -i clam

Incase you see the following error create a symlink to clamav path
LibClamAV Error: cl_load(): Can’t get status of /var/lib/clamav

# ln -s /var/clamav /var/lib/clamav

Test script
Get the testing virus file from and save it on a file (eg: /tmp/virus.txt)

Create a php script:
cat > check_virus.php

$file = ‘/tmp/testing.txt';
$retcode = cl_scanfile($file, $virusname);
if ($retcode == CL_VIRUS) {
echo .”Virus found name : “.$virusname;
} else {
echo .cl_pretcode($retcode);

$ php check_virus.php
Virus found name : Eicar-Test-Signature


  • Tim

    Thanks for this blog post this actually helped me solving an issue with php-clamav installation. ClamAV seem to work on command line but fails to load in PHP. You will get php_minfo_function erros in phpinfo() and warnings in the test script of php-clamav.

  • Arun N S

    Glad to hear that. Did you manage to get rid of the php error?