Beta: Imunify360 4.2.1 released

We are pleased to announce that a new Imunify360 Beta version 4.2.1 is now available for download from our updates-testing repository.

Enhancements

Hooks

  • Starting from v4.2, Imunify360 supports ‘hooks’. This is a script-based interface for various application events, such as “malware-detected”, “malware-scanning”, “agent”, etc. This is a simple and effective way to automate Imunify360 alerts and event processing. For example, an administrator can have Imunify360 call a script when malicious files or misconfigurations are detected.

 

Malware Scanner

  • We have added new settings to limit the resource impact of malware scanning.

  • We have introduced a new setting, disable_user_ignore_list, that lets you hide the Ignore List tab for end users.
  • The scanning engine has been enhanced with a new de-obfuscator and decryptor for encoded files.

Dashboard

  • Statistics (number of incidents) are now correct in titles.

  • Notifications about server security and Imunify360 configuration are shown, along with recommendations for making server security effective and proactive.

Reputation Management

  • The list of vendors was expanded and the verdict list enhanced.

Proactive Defense

  • Performance is improved, and the scanning of malicious PHP has been optimized by using precompiled signatures.
  • Event recording in the Blamer is improved, and new/de-duped events are not recorded.

WebShield

  • SSL processing is faster.

Firewall

  • We added a new option, “Manage CSF Events and Lists“, to enable/disable the integration between CSF and Imunify360.

Settings

  • The support menu item can be hidden via settings (to be used by resellers of Imunify360, for example).

UI

  • Added OSSEC “Active Response” setting.

  • Enhanced Imunify360 installation process, added slides with feature descriptions while the extension is deploying.
  • Newsfeed imports all recent news from the blog.
  • Updated translation of the UI.
  • “Lists” item renamed to “Firewall” in the menu.

Bug Fixes

  • Proactive Defence: Move extension=i360.so from zzzzzzz-pecl.ini back to alt-phpXX php.ini (bug)
  • Proactive Defence: freezes PHP if Imunify360 config file is broken (bug).
  • Fixed rare cases where the agent hangs on startup when integrated with CSF.
  • Malware Scanner: We now cancel background scanning once settings are updated.
  • UI fixes: Fixed the “Restore” link in the quarantine popup, and fixed the charts description in the Dashboard.

The full change log is below.

How to upgrade

To install the new Imunify360 version 4.2.1 beta, please follow the instructions in the documentation.

To upgrade Imunify360 on CentOS/CloudLinux systems

Run the command:

yum update imunify360-firewall --enablerepo=imunify360-testing

To upgrade Imunify360 on Ubuntu 16.04

Run the commands:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/16.04/ xenial main' > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Ubuntu 18.04

Run the commands:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/18.04/ bionic main' > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

Changelog

Bugs

  • DEF–5736 - Feature’s status (installing/uninstalling) tracking mechanism is unreliable
  • DEF–6605 - Deploy-script with --uninstall flag should remove all ImunifyAV/Imunify360 requirements
  • DEF–7105 - TypeError: a bytes-like object is required, not ‘str’
  • DEF–7126 - WebshieldDictException: send error: [Errno 111] Connection refused
  • DEF–7461 - New Dashboard - UI - Map - fix truncated pins (near sides of the map)
  • DEF–7735 - rpm test failure: “database is locked” in on_demand.malware_hashes.Malware hashes applied during on demand scan.Malware hash list command shows added hashes
  • DEF–7756 - handle response from FeaturesManagementAPI.editUserFeatures
  • DEF–7838 - Fix regular crashes of Visual Review server on Jenkins node
  • DEF–7872 - Hide ImunifyAV item in reseller menu in WHM
  • DEF–7902 - Failed test_configuration_management.test_managing_modsec_directives[SecAuditEngine-Off] (from pytest)
  • DEF–7911 - Incorrect count in blocked ports?
  • DEF–7946 - test_webshield fails on ubuntu configurations
  • DEF–8013 - TypeError: modsec_get_directive() takes 1 positional argument but 2 were given
  • DEF–8017 - TypeError: read_file() missing 1 required positional argument: ‘path’
  • DEF–8049 - Bug from https://sentry.cloudlinux.com/sentry/imunify360-ui/issues/4729709/?referrer=slack
  • DEF–8071 - modsec audit log is not parsed properly sometimes
  • DEF–8075 - test_malware.test_cleanup.test_keep_in_quarntine[quarantine-quarantined] RPM test fails
  • DEF–8076 - When uninstall agent we do not uninstall vendor and break apache (cPanel)
  • DEF–8092 - test_rules_restored.test_existing_chain_on_startup failed
  • DEF–8093 - Not all files are detected by black hash filter
  • DEF–8097 - cPanel hooks should be executed sequentially for a given target (user) (test_cpanel_events.test_account_is_modified fails)
  • DEF–8099 - AttributeError: ‘SubprocessError’ object has no attribute ‘stderr’
  • DEF–8111 - geodb is updated but the corresponding country ipset is not
  • DEF–8156 - Allow admin to disable ignore list at end user level
  • DEF–8163 - test_malware.test_user_list.test_infected failed
  • DEF–8166 - Failed test_modsec_vendor_install.test_correct_vendor_installed_plesk
  • DEF–8168 - test_malware failed due to missing ‘HOME’ in env
  • DEF–8169 - Issue with Imunify360 installation on Ubuntu18 (PLESK)
  • DEF–8205 - license_type is not available from UI
  • DEF–8225 - OperationalError: too many SQL variables
  • DEF–8228 - Quarantined file can’t be uploaded to MRS
  • DEF–8236 - Wsshdict, ssl-cache and sentrylogs: rewrite existing PID file silently on start
  • DEF–8257 - Do not include unit tests into imunify package
  • DEF–8272 - Disable Contact Support in the config
  • DEF–8279 - The problem is with the email field validator
  • DEF–8281 - SSL is not working, issue with Cloudflare FULL Strict cert
  • DEF–8296 - test_malware_user_list unit tests fail sometimes: “jsonschema.exceptions.ValidationError: ‘scan_type’ is a required property”
  • DEF–8313 - When upgrading webshield from 1.6 to 1.7 version on Ubuntu it failed to start
  • DEF–8327 - CL + cPanel + 1k users: test_cagefs_split_configs: AssertionError
  • DEF–8352 - KeyError: ‘url’
  • DEF–8361 - RuntimeError: coroutine raised StopIteration
  • DEF–8362 - cron file should contain PATH or we should use absolute paths (imunify360-watchdog)
  • DEF–8392 - test_malware failed (rpm-test)
  • DEF–8393 - Failed whitelisted_ip_after_login.Whitelisting ip after login.ensure that user access to panel is whitelisting ip – @1.1
  • DEF–8419 - Fix link in restore from quarantine modal window
  • DEF–8427 - Fix looped cpanel hooks
  • DEF–8428 - AttributeError: ‘set’ object has no attribute ‘extend’
  • DEF–8462 - AttributeError: ‘cPanel’ object has no attribute ‘pure_ftp_conf_cls’
  • DEF–8463 - Failed test_malware.test_cleanup (RPM tests) (Directadmin)
  • DEF–8483 - Fix Rpc caller service exec should work even if response is divided into several packets
  • DEF–8499 - inotify.new_account.Newly created account is automatically added to inotify.Inotify automatically starts watching newly created account
  • DEF–8526 - test_malware.test_malware_scanner.test_pure_ftp_scanner fails in RPM tests
  • DEF–8544 - Webshield is not picking up panel certificate for cPanel & LiteSpeed
  • DEF–8577 - NameError: name ‘itertools’ is not defined
  • DEF–8584 - Endpoint not found for RPC method “backup-systems init”
  • DEF–8595 - “malware malicious restore-from-backup” does not work
  • DEF–8600 - test_malware.test_malware_scanner.test_web_scanner fails
  • DEF–8601 - Failure during provisioning on disabling Sentry reporting
  • DEF–8605 - test_malware.test_user_list.test_scan_status fails
  • DEF–8607 - test_hooks failed on AV
  • DEF–8610 - inotify.new_account, malware_read rpm-tests failed
  • DEF–8621 - Active response does not work on Debian
  • DEF–8659 - Traceback during upgrade 4.1 -> 4.2
  • DEF–8671 - test_cagefs_split_configs fails
  • DEF–8702 - Broken link

Tasks

  • DEF–4905 - Improve news component - use RSS to extract news
  • DEF–6370 - Plesk mod_security settings
  • DEF–7301 - No running process for ImunifyAV when it is not in use - EL7/systemd
  • DEF–7347 - Re-work e2e tests as functional/unit & api tests
  • DEF–7377 - No running process for ImunifyAV when it is not in use - EL6/separate binary
  • DEF–7578 - Optimize SSL processing
  • DEF–7635 - Open source ImunifyAV UI - check sources for any information that we might not want to open source
  • DEF–7652 - Re-work e2e tests as functional/unit & api tests - add validation to agent’s responses
  • DEF–7667 - Re-use a11y tests code for VR tests
  • DEF–7702 - create a test for ossec
  • DEF–7792 - Display slides in UI during installation
  • DEF–7825 - Re-work e2e tests as functional/unit & api tests - fix small issues (marked with FIXME)
  • DEF–7908 - prevent regression in memory consumption for imunify-antivirus
  • DEF–7933 - Add webshield instance to integration tests
  • DEF–7936 - Silence warnings about inconsistent firewall rules
  • DEF–7963 - Set typical values with flags, not string values
  • DEF–7964 - Add our Jenkins jobs with tests to build.cloudlinux.com to make sure our tests run on every release build
  • DEF–8001 - user configs stored in /etc/imunify360/user_configs lead to quadratic increase in disk usage with increase in user count
  • DEF–8023 - Purge Heuristic scan
  • DEF–8074 - pytest complains about yaml.load() without Loader=…; possible security issue
  • DEF–8098 - Create multiconfiguration job to test ImunifyAV
  • DEF–8102 - Add scan_id to malicious list output
  • DEF–8139 - ossec active response UI / enable / disable – backend part
  • DEF–8144 - Add hook management functionality
  • DEF–8145 - Plugin to execute hooks
  • DEF–8146 - Native hooks
  • DEF–8179 - Dashboard - add recommendations
  • DEF–8181 - Dashboard - numbers above charts
  • DEF–8182 - Reputation management - update UI
  • DEF–8200 - Record the time of last ‘full’ scan per user
  • DEF–8204 - update icons and descriptions in Plesk extension
  • DEF–8207 - Recursive symlink does not break the scanner case fails
  • DEF–8209 - Split HostingPanel code
  • DEF–8210 - Remove client360 plugin dependency to (almost) all kind of messages
  • DEF–8211 - Move CSF integration to corresponding plugins
  • DEF–8212 - Create separate package for imunify360-only code
  • DEF–8213 - Move 360 plugins to separate package
  • DEF–8214 - Move 360 endpoints to separate package
  • DEF–8219 - Remove ip whitelist middleware
  • DEF–8220 - Remove KernelCare/HardenedPHP handling from CLN class
  • DEF–8230 - Dashboard - add malware chart - server
  • DEF–8239 - Update behave rpm-tests which use unoptimized steps
  • DEF–8260 - Review and apply new translations
  • DEF–8261 - Remove client360 plugin dependency on received messages
  • DEF–8316 - Replace “Lists” in the global menu with “Firewall” item
  • DEF–8317 - Disable integration with CSF via settings
  • DEF–8323 - Reputation management - update agent
  • DEF–8358 - [UI + Correlation Server] Screen resolution and other browser’s parameters reporting to CH
  • DEF–8372 - ossec active response UI / enable / disable
  • DEF–8395 - Fix warning at the end of unit test run
  • DEF–8398 - Make ClamAV binary configurable
  • DEF–8417 - Move firewall code into im360 package
  • DEF–8422 - Fix description for “Alerts total”
  • DEF–8435 - Move defence360/api/ips.py into im360 package
  • DEF–8436 - Move defence360agent/model/cache_sources.py into im360 package
  • DEF–8443 - Cancel background scanning when settings are changed
  • DEF–8446 - Move defence360agent.subsys.features into im360
  • DEF–8471 - Add a triangle to autocomplete in dashboard
  • DEF–8480 - Adjust intensity level and resource consumption while scanning with AI-BOLIT (nice / ionice) - UI part
  • DEF–8482 - Process ‘X-Forwarded-For’ header only after vendor-specific headers
  • DEF–8489 - Remove messages class dependencies from the_sink.py
  • DEF–8516 - Make RPC handlers registration explicit
  • DEF–8531 - Add to release of agent 4.2.0 new package of proactive defence 4.2.0
  • DEF–8536 - Disable integration with CSF via settings - UI
Wednesday, 19 June 2019
