How to Check Your VPS Server for Viruses

1 month ago
nikolay
2 minutes

Checking a VPS for viruses

🔹 Why You Should Check Your VPS for Viruses

Even Linux servers can become infected with malicious files or scripts — usually through website vulnerabilities, outdated plugins, or weak passwords.
Regular virus scans help prevent data leaks, spam, or your IP address from being blacklisted.

🔹 How to Scan Your VPS for Viruses

1. Connect to Your Server

Connect via SSH:

ssh root@your_server_ip

2. Install the ClamAV Antivirus

ClamAV is a free antivirus for Linux systems.
To install:

apt install clamav -y

🧩 For CentOS / AlmaLinux / Rocky Linux:

yum install clamav -y

3. Update Virus Definitions

After installation, update the virus database:

freshclam

4. Start the Virus Scan

Scan the entire system:

clamscan -r /

Or scan only your user’s home directory:

clamscan -r /home

5. Review the Results

Infected files will be marked as Infected in the scan report.

You can remove infected files manually or automatically:

clamscan -r --remove /

⚠️ Warning: this command will delete all infected files without confirmation.

🔹 Additional Security Tips

Keep your system updated:

apt update && apt upgrade -y

  • Use a firewall (e.g., UFW or iptables).
  • Install Fail2Ban to protect against brute-force attacks.
  • Avoid using the root user for daily work — create a limited user instead.

🔹 If Your VPS Runs on Windows

  1. Connect to the server via RDP.
  2. Install antivirus software such as Windows Defender or ESET.
  3. Run a full system scan.
  4. Delete or quarantine any detected threats.