To keep servers safe, you must make sure your Imunify360 malware database is always up to date. We're striving to make Imunify360 the easiest way to keep Linux web servers secure. So we're announcing that, as of July 10, 2019, the Imunify360 and ImunifyAV malware and black hash databases get updates every business day.
In Imunify360 v4.2 beta, we introduced “Hooks”, a new way to handle asynchronous events coming from the Imunify agent. It works like a simple event handler. For example, you can create a script that will run when malware is detected (right after the on-demand or background scan is finished).
The script is put on the server and registered via the Imunify360 command-line interface. In the script, you can specify a set of actions based on the scanning report received from Imunify360: for example, suspend a user account infected with malware, send out an email notification, or submit a ticket for the client. Hooks are just executables, so they can be written in any language (bash, php, python, etc.).
We’ve had a lot of questions regarding the practical use of hooks. So, we’ve created this article to show you an example of a hook that runs when malware is detected, and suspends the cPanel user account when the number of infected files exceeds three.
Here are the steps to create the hook:
Create a file (e.g.
/root/hooks/hook.php) with the following content:
We have a nice, new, time-saving tip over on the CloudLinux KnowledgeBase.
It tells you how to copy Imunify360 configurations from one server to another.
The good news just keeps coming: cPanel & WHM integrates ImunifyAV into its hosting automation platform.
ImunifyAV automatically scans your web site for malicious files and it does it for free. It can detect all kinds of malicious files, such as backdoors, web-shells, viruses, hacker’s tools, black hat SEO scripts, phishing pages, and others. If any are found, ImunifyAV will report back telling you how to remove them manually.
I appreciate that not everyone has the time or knowledge to do this, so there’s a built-in upgrade option to ImunifyAV+ which lets you perform an automated one-click clean up. It’s quick, it’s thorough, and it removes the stress and worry usually associated with managing your cybersecurity defenses.
For those web hosters that need a comprehensive, all-in-one security solution, there’s a further upgrade option available in the form of Imunify360. More and more web hosters and Linux server managers around the globe are choosing Imunify360 for its ability to protect web servers and websites effectively and simply. Its multi-layered security architecture incorporates a firewall, WAF, IDS and IPS, and advanced machine learning for dynamic rule and signature creation. There’s also our unique herd immunity, the name we give to how Imunify360 instances share threat intelligence information among one another, forming a web of cyber threat knowledge greater than the sum of its parts. All in all, it makes Imunify360 the complete, perfectly integrated web security package.
A month in development passes so quickly.
We announced in February that we have a new version of Imunify360 coming with some great new features. It’s ready, it’s out of beta and into general availability. Here’s a quick reminder of the new stuff. More details are in the Imunify360 4.0 preview post.
Feature Management (cPanel only for now)—Our cPanel users will see a new and better way to manage the features they offer their users. Feature Management is the new way to manage features, fully integrated into cPanel. It’ll give a lot of flexibility in adjusting the features available on hosting service plans and packages.
Dashboard/Charts—Now you’ll be able to see how well Imunify360 has been defending your systems, where attacks are coming from and how many. There are these new alerts, with more coming soon: total number of alerts, number of CAPTCHA events, number of WAF alerts, number of web-based brute-force attacks, number of OSSEC (network level) attacks, number of denied requests from bad bots.
Proactive Defense extension: The Blamer—The Blamer is a new extension to Proactive Defense. It gathers intelligence on attack profiles and uses this information to prevent future attacks.