Greg Zemskov

ImunifyAV: The Free, Powerful, Malware Scanner (now in Beta for cPanel and DirectAdmin)

imunifyAV-2
Keeping watchful is the first step towards effective security; keeping malicious code out of your websites is essential to protect them. I'm excited to let you know about ImunifyAV, our powerful new malware scanner. It's currently available in beta for cPanel and DirectAdmin panels. I'm also happy to tell you it's free and will always be free (as in forever). Here's more about it. ​ ImunifyAV detects all kinds of malware in all types of files —it doesn't matter whether your websites are based on PHP (like WordPress, Joomla and Drupal), or built with classic, static HTML. Our advanced de-obfuscation techniques let it detect malicious code hidden in files using encryption or encoding. ImunifyA...
Continue reading
Greg Zemskov

How Spammers Spam

spammers
Twenty years on and spam is still a problem. I'll look at why that is and what we can do to reduce or prevent it. Contrary to popular belief, hacking a site and uploading malicious scripts onto it is not the only way spamming gets a foothold. There are other ways. For example, it could be because of a compromised account, the use of script vulnerabilities, or an incorrectly configured mail server. The diagram below shows an overview of the methods. ​ In this article, I'll look at the different ways unsolicited email (spam) can emanate from a web server, and some of the ways you can stop it. Spamming by hacking A hacked site or server is the most common reason behind an outbreak of spamming a...
Continue reading
Inna Gordin

DON’T GET BLACKLISTED ON BLACK FRIDAY

dont-get-blacklisted
Black Friday-Cyber Monday is the busiest e-shopping weekend of the year, so don't let hackers get your site banned by search engines. If your site gets compromised by malicious actors and starts spreading malware, it will be blacklisted by Google safe browsing, Yandex SB, McAfee, ESET, and other security services, which means that online shoppers will not find your site in search engines. This will inevitably disrupt your business, and e-commerce sales will be hit the hardest. With Imunify360's multi-layered approach to complete cyberdefense, you'll protect your sites/servers from malicious intent and stop malware from running on them in the first place. Imunify360 also monitors the blacklis...
Continue reading
Greg Zemskov

Why Does Site or Server Load Increase?

Why server load increases
There's only one good reason why the load on your hosting server starts increasing–the rest are bad. I'll look at how and why they all happen. I was often contacted by site owners who had a problem with high server load. This common condition is first noticed when an owner gets a warning message from their hosting company. Such messages can be precursors to the blocking of the site, and it can happen to almost any site owner or webmaster. This article covers the different reasons why the load on a site or server might be increasing, and what can be done about it. Webmasters usually find out about excess load from their hosters. Hosting companies regulate and control resource usage for each h...
Continue reading
Greg Zemskov

Patterns of thought: the psychology of weak passwords

psychology1
In this article, I look at why webmasters, site administrators and their users choose and use weak passwords. Later, I recommend ways to create passwords that are reliable and resistant to brute-force attacks. Warnings that the internet is increasingly an unsafe environment appear with alarming regularity in studies commissioned by companies specializing in information security. The growing number of web attacks and the increasing activity of the hacker community require a new discipline and focus on security. But while cybersecurity experts are talking about high technology and advanced protection, it seems a rudimentary rule has been forgotten: the use of strong passwords. Unreliable passw...
Continue reading
Paul Jacobs

Drupalgeddon Updates to 2.0 - Shouldn’t you update too?

drupalgeddon
The latest wave of Drupalgeddon activity highlights the importance of keeping software up to date, especially when it's a popular CMS like Drupal , itself based on the rapidly changing web development programming language PHP and the widely used open source RDBMS MySQL. Our Analyst's Insight into this vulnerability gives more details. Imunify360 defends against this threat by virtue of a sophisticated WAF rule set developed and maintained by our own threat intelligence team. Larger vendors' rulesets are too general and too inflexible to track such dynamic threats. Another component in Imunify360's layered security defenses is called Proactive Defense. It uses comprehensive heuristics to dete...
Continue reading
Oleg Boytsev

Drupalgeddon 2.0: Analyst’s Insight

vulnerability
Activity Our monitoring systems identified a first-wave malicious campaign on April 12th, 2018, the same day that proof of concept code went public. The Drupal core security team had earlier released security advisory SA-CORE–2018–002 on the 28th March. We released our blocking and detection rules a few days later meaning that Imunify360 customers were already protected by the time the campaign started. October saw a new burst of attacks on this vector. Botnets located on thousands of IPs requested access to Drupal-based sites to upload a malicious payload. The chart below shows the activity levels for the past few months. Recognition Most connections were attempting to extract the server's ...
Continue reading
Greg Zemskov

Avoid Multi-Site Hacking – Part 2

Security solution for web hosting
In Part 1 , we looked at security isolation as a technical solution for preventing infections on one site spreading to neighboring sites in multi-site hosting systems. In Part 2, we'll consider other non-technical ways to beef up multi-site protection. Site security = technical protection + organizational measures If you don't use security isolation on sites in the same hosting account, you should at least give each site its own account. However, this is often impossible, as the combined sum of each site's content resource needs (disk, memory) is too great. This is where the next elements of complex security come in. I call them organizational measures . Here are some examples. ​ Secure work...
Continue reading
Greg Zemskov

Avoid Multi-Site Hacking – Part 1

avoid-part1
Running shared or VPS servers has risks. When one site is hacked, neighbors succumb shortly after. In this two-part article, I'll explain the risks in detail and what you can do to mitigate them. Shared hosting and VPS servers allow you to host several sites within one user account. If you're a webmaster, a web studio, an Internet agency, or a business owner, you do this not only for convenience but also to save money, as it is cheaper than buying separate accounts for each site. But there's a problem. Multi-site accounts are vulnerable to hacking and the subsequent infection of the entire hosting account. Often, there are dozens of "patients" (tenants) on the same site who urgently need tre...
Continue reading
Kirill Bykov

One-click automatic malware cleanup in Imunify360 beta

cleanup
Today we are releasing the latest beta version of Imunify360. Along with other features mentioned here , it comes with a major new addition: one-click automatic malware cleanup functionality. We are leveraging the power of our recent acquisition, Revisium's market-leading malware scanning engine, to find and automatically fix malware-infected files. Now you can rid your websites of infections with a single click. This is an indispensable feature, especially for servers with many websites, because it eliminates the headaches usually associated with manual cleanups and customer support issues. And don't forget that Imunify360's six-layer security stops almost all attacks . Its new Proactive De...
Continue reading
Inna Gordin

Imunify360: The only option for all-around proactive web security

imunify-only-solution
As a hosting provider, you have choices in the security space. We at CloudLinux know them and we know the hosting market well. Over the years, we've met with and spoken to a lot of hosting providers, to understand their needs, and to deliver solutions specifically for them. Naturally, we looked at the other leading security solutions to see how they compared to Imunify360 . Here's what we found. One license covers all sites on the server If you own a server, you only need one Imunify360 license for all the sites hosted on it. As a hosting provider, you have the freedom to up-sell to site owners or include it as part of their package. Other solutions charge per hosted site , not per server. N...
Continue reading
Paul Jacobs

Why every month should be National Cybersecurity Awareness Month

ncsam
This month, October 2018, in the US it is the 15th National Cybersecurity Awareness Month . Another month, another 'awareness' . Does this suppose that all the other 11 months we should be less aware? Do hackers make a special effort to be nicer in October? Do they leave love letters on your server instead of malware? Does it help if you live on Tokelau*? No. EVERY month is cybersecurity awareness month, and every week and every day and every second of every day, everywhere. Because cyber attacks are automated. Hackers are using scripts and scalable tools to do the grunt work, the same way you make scripts to automate tedious tasks on your servers. Here's a recipe for success this cybersecur...
Continue reading
Kirill Bykov

Imunify360 beta now supports Ubuntu

ubuntu-plesk
We are happy to announce that Ubuntu 16.04 LTS support was added with the Imunify360 3.6.0 beta release . This means that Plesk users can now take advantage of all Imunify360 security features including the new Proactive Defense , advanced firewall, malware scanning (antivirus), IDS/IPS protection, reputation management, and much more , all inside one comprehensive but simple-to-use dashboard. As you know, Imunify360 runs on CentOS 6 & 7, and CloudLinux OS 6 & 7 distributions. We have now added Ubuntu 16.04 LTS to that list. Plesk customers can install Imunify360 for Ubuntu using these instructions . After installation, customers will find Imunify360 in Plesk's "Links to Additional S...
Continue reading
Tags:
Inna Gordin

At this year’s cPanel Conference: how to secure your Linux Web server

How-to-secure
The cPanel Conference is happening between October 1–3, 2018, in Houston, TX, at the Westin Galleria Houston. As always, CloudLinux is a proud sponsor of the event and will be there. Our CEO, Igor Seletskiy, will be discussing a number of topics . If you're coming, here are some of the sessions to look out for: Panel Discussion: Who owns your information? The role of privacy in the cPanel ecosystem Tuesday, October 2, at 4 pm, Galleria I & II, 3rd level Panelists will talk about how being "stuck in the middle" of the Internet is an opportunity, and how you can use privacy to distinguish your business from companies still stuck in 1997. They'll offer real-world experience and business adv...
Continue reading
Kirill Bykov

Imunify360’s latest malware scanning engine protects Linux web servers better than ever

introducing-new-engine
After July's release of Proactive Defense comes this month's big news: the integration of Revisium's powerful malware scanner, strengthening Imunify360's multi-vector threat defenses even more. It automatically finds and fixes viruses, scripts, malware, backdoors, web-shells, hacker tools, blackhat SEO, phishing pages, and more. Today we have released the latest version of Imunify360. You can see the upgrade instructions and release notes here . Now that Revisium has joined our team we will soon be expanding our product line by offering more security options to service providers, providing our hosting partners with additional resale opportunities. About a month later, Revisium's automated ma...
Continue reading
Kirill Bykov

Imunify360 Beta now includes the new malware scanner by Revisium

blogpost-revisium-beta
Today we're excited to tell you about the latest beta version of Imunify360 3.5.1 , which now includes Revisium's renowned malware scanning engine. This will enhance detection rates and dramatically improve the speed of the scan, especially for servers with many websites, a typical feature of shared hosting servers. CloudLinux acquired Revisium -- rated by Plesk control panel users as the best antivirus product for websites -- because they have the best malware scanning technology in the business, and it fits perfectly into the Imunify360 security suite . We welcome Revisium's team of brilliant technologists and security engineers who are coming on-board to join and be part of the establishe...
Continue reading
Igor Seletskiy

Committing to Better Security, Together.

revisium-imunify360-blog
​ On August 20th, CloudLinux acquired Revisium , a company specializing in automated website malware cleanup. Revisium has 7 years of experience in malware cleanup automation and its products have cleaned hundreds of thousands of websites. CloudLinux is committed to continue growing and promoting the Revisium brand and its products. In the next version of Imunify360 , releasing within the next few days, the Revisium malware scanner will be the main website malware scanning engine. This will improve detection rates even further and dramatically improve the speed of the scan, especially for servers with many websites, a typical feature of shared hosting servers. In combination with recently-re...
Continue reading
Inna Gordin

Proactive defense for sophisticated attacks

sophisticated_protection2
Sophisticated malware needs sophisticated solutions to combat it. With web security, prevention is always the best defense. Imunify360 detects known attacks with its built-in Malware Scanner. Now, a new feature, Proactive Defense , takes protection to a whole new level. ​ Imunify360 blocks attacks with a combination of technologies: signature matching, real-time behaviour analysis, and herd immunity, informed by insights collected from servers around the globe. It is invaluable to web server owners, helping them adapt their security efforts to changing malware threats without the need to swap one antivirus solution for another.  Imunify360 is an all-inclusive and comprehensive secu...
Continue reading
Inna Gordin

How Proactive Defense works: watch the webinar recording to learn why it is so effective in stopping malware

layers
Firewalls and malware scanners focus on protecting against known attacks, but how do you protect against new security threats? With Proactive Defense in Imunify360 . It proactively stops malware from attacking your websites and servers. It intercepts all activity in real time, analyzes the behavior of PHP scripts, and then stops any known or unknown malicious codes from being executed. Proactive Defense is very effective because it analyzes what PHP scripts do rather than what is actually in the code or file.  Here you will learn how Proactive Defense works and how it stops even the malware that scanners are unable to detect.  View the recorded webinar here.
Igor Seletskiy

Meet Imunify360 with Proactive Defense, the sophisticated protection against any kind of malware, all in one nice package.

proactive-security-linux-web-servers
Proactive Defense , the new feature of Imunify360, has now been released to production for cPanel customers. This new technology has made a significant contribution in our multi-layer security in stopping malware and protecting your Linux Web servers from most, if not all, attacks. Security has to be effective, and Imunify360 with Proactive Defense is. Proactive Defense protects against malicious activity not by scanning and identifying signatures of malware, but by recognizing malicious intent based on the behavior of the PHP scripts. While there are millions of various strains out in the wild, all malware behave in a similar manner, and the number of variations of those behaviors is relati...
Continue reading