Fixing the high server load and memory & CPU consumption of clamd (ClamAV)

Optimizing ClamAV on DirectAdmin Servers

If your DirectAdmin servers are experiencing high load due to the clamd process, you may notice it consistently topping the list in the top command output. While ClamAV doesn't natively support memory and CPU usage limitations through its configuration files, we can manage resource usage by modifying the clamd startup script.

Understanding the Issue

ClamAV is an essential antivirus tool, but its resource-intensive nature can sometimes lead to performance issues on busy servers. By implementing resource limits, we can ensure ClamAV continues to provide protection without overwhelming the system.

Solution: Modifying the ClamAV Startup Script

For CloudLinux 8.7 and similar systems, follow these steps to optimize ClamAV:

1. Edit the ClamAV Startup Script

Open the ClamAV startup script using a text editor:

sudo nano /etc/systemd/system/clamd.service

2. Add Resource Limits

Add the following lines to set resource limits. Adjust the values based on your server's capabilities and requirements:

IOSchedulingPriority=7
CPUSchedulingPolicy=5
MemoryLimit=1024M
CPUQuota=30%
Nice=19

Here's what each setting does:

  • IOSchedulingPriority: Sets I/O priority (0-7, lower is higher priority)
  • CPUSchedulingPolicy: Sets CPU scheduling policy (0-6, 5 is idle)
  • MemoryLimit: Sets maximum memory usage
  • CPUQuota: Limits CPU usage percentage
  • Nice: Sets process priority (-20 to 19, higher is lower priority)

3. Example of Updated Startup Script

Your modified startup script should look similar to this:

[Unit]
Description=Generic clamav scanner daemon
After=syslog.target nss-lookup.target network.target

[Service]
Type=simple
ExecStartPre=-/bin/mkdir -p /var/run/clamd
ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamd
ExecStart=/usr/local/sbin/clamd --foreground=yes
Restart=on-failure
PrivateTmp=true
IOSchedulingPriority=7
CPUSchedulingPolicy=5
MemoryLimit=1024M
CPUQuota=30%
Nice=19

[Install]
WantedBy=multi-user.target

4. Apply Changes

After modifying the script, reload the systemd daemon to apply the changes:

sudo systemctl daemon-reload
sudo systemctl restart clamd

Monitoring and Fine-tuning

After implementing these changes, monitor your server's performance. You may need to adjust the values to find the right balance between ClamAV's effectiveness and server performance. Use tools like top, htop, or your server's monitoring panel to observe the impact.

Additional Considerations

  • Regularly update ClamAV to ensure you have the latest optimizations and security definitions.
  • Consider scheduling ClamAV scans during off-peak hours to minimize impact on server performance.
  • If issues persist, consult with your hosting provider or consider upgrading your server resources.

By implementing these optimizations, you should see improved overall server performance while still maintaining the security benefits of ClamAV on your DirectAdmin servers.

  • 332 Users Found This Useful
Was this answer helpful?

Related Articles

How to protect your .htaccess file?

For security purposes, we recommend you to prevent access to your .htaccess file from...

Blocking an IP Address in Your .htaccess File

If you suspect malicious activity or unauthorized access attempts on your website, you can...

How to disable directory browsing using .htaccess?

For security purposes, we recommend that you disable directory browsing on your website so no one...

How to restrict directory access by IP address?

To secure your admin area from hackers, we recommend that you allow access only from a selected...

Setting Up SSH Keys on Debian/Ubuntu

SSH keys provide a secure way to log in to your Linux server without using a password. Generate...