Running shared or VPS servers has risks. When one site is hacked, neighbors succumb shortly after. In this two-part article, I'll explain the risks in detail and what you can do to mitigate them. Shared hosting and VPS servers allow you to host several sites within one user account. If you're a webmaster, a web studio, an Internet agency, or a business owner, you do this not only for convenience but also to save money, as it is cheaper than buying separate accounts for each site. But there's a problem. Multi-site accounts are vulnerable to hacking and the subsequent infection of the entire hosting account. Often, there are dozens of "patients" (tenants) on the same site who urgently need tre...

Today we are releasing the latest beta version of Imunify360. Along with other features mentioned here , it comes with a major new addition: one-click automatic malware cleanup functionality. We are leveraging the power of our recent acquisition, Revisium's market-leading malware scanning engine, to find and automatically fix malware-infected files. Now you can rid your websites of infections with a single click. This is an indispensable feature, especially for servers with many websites, because it eliminates the headaches usually associated with manual cleanups and customer support issues. And don't forget that Imunify360's six-layer security stops almost all attacks . Its new Proactive De...

As a hosting provider, you have choices in the security space. We at CloudLinux know them and we know the hosting market well. Over the years, we've met with and spoken to a lot of hosting providers, to understand their needs, and to deliver solutions specifically for them. Naturally, we looked at the other leading security solutions to see how they compared to Imunify360 . Here's what we found. One license covers all sites on the server If you own a server, you only need one Imunify360 license for all the sites hosted on it. As a hosting provider, you have the freedom to up-sell to site owners or include it as part of their package. Other solutions charge per hosted site , not per server. N...

This month, October 2018, in the US it is the 15th National Cybersecurity Awareness Month . Another month, another 'awareness' . Does this suppose that all the other 11 months we should be less aware? Do hackers make a special effort to be nicer in October? Do they leave love letters on your server instead of malware? Does it help if you live on Tokelau*? No. EVERY month is cybersecurity awareness month, and every week and every day and every second of every day, everywhere. Because cyber attacks are automated. Hackers are using scripts and scalable tools to do the grunt work, the same way you make scripts to automate tedious tasks on your servers. Here's a recipe for success this cybersecur...

We are happy to announce that Ubuntu 16.04 LTS support was added with the Imunify360 3.6.0 beta release . This means that Plesk users can now take advantage of all Imunify360 security features including the new Proactive Defense , advanced firewall, malware scanning (antivirus), IDS/IPS protection, reputation management, and much more , all inside one comprehensive but simple-to-use dashboard. As you know, Imunify360 runs on CentOS 6 & 7, and CloudLinux OS 6 & 7 distributions. We have now added Ubuntu 16.04 LTS to that list. Plesk customers can install Imunify360 for Ubuntu using these instructions . After installation, customers will find Imunify360 in Plesk's "Links to Additional S...

The cPanel Conference is happening between October 1–3, 2018, in Houston, TX, at the Westin Galleria Houston. As always, CloudLinux is a proud sponsor of the event and will be there. Our CEO, Igor Seletskiy, will be discussing a number of topics . If you're coming, here are some of the sessions to look out for: Panel Discussion: Who owns your information? The role of privacy in the cPanel ecosystem Tuesday, October 2, at 4 pm, Galleria I & II, 3rd level Panelists will talk about how being "stuck in the middle" of the Internet is an opportunity, and how you can use privacy to distinguish your business from companies still stuck in 1997. They'll offer real-world experience and business adv...

After July's release of Proactive Defense comes this month's big news: the integration of Revisium's powerful malware scanner, strengthening Imunify360's multi-vector threat defenses even more. It automatically finds and fixes viruses, scripts, malware, backdoors, web-shells, hacker tools, blackhat SEO, phishing pages, and more. Today we have released the latest version of Imunify360. You can see the upgrade instructions and release notes here . Now that Revisium has joined our team we will soon be expanding our product line by offering more security options to service providers, providing our hosting partners with additional resale opportunities. About a month later, Revisium's automated ma...

Today we're excited to tell you about the latest beta version of Imunify360 3.5.1 , which now includes Revisium's renowned malware scanning engine. This will enhance detection rates and dramatically improve the speed of the scan, especially for servers with many websites, a typical feature of shared hosting servers. CloudLinux acquired Revisium -- rated by Plesk control panel users as the best antivirus product for websites -- because they have the best malware scanning technology in the business, and it fits perfectly into the Imunify360 security suite . We welcome Revisium's team of brilliant technologists and security engineers who are coming on-board to join and be part of the establishe...

​ On August 20th, CloudLinux acquired Revisium , a company specializing in automated website malware cleanup. Revisium has 7 years of experience in malware cleanup automation and its products have cleaned hundreds of thousands of websites. CloudLinux is committed to continue growing and promoting the Revisium brand and its products. In the next version of Imunify360 , releasing within the next few days, the Revisium malware scanner will be the main website malware scanning engine. This will improve detection rates even further and dramatically improve the speed of the scan, especially for servers with many websites, a typical feature of shared hosting servers. In combination with recently-re...

Sophisticated malware needs sophisticated solutions to combat it. With web security, prevention is always the best defense. Imunify360 detects known attacks with its built-in Malware Scanner. Now, a new feature, Proactive Defense , takes protection to a whole new level. ​ Imunify360 blocks attacks with a combination of technologies: signature matching, real-time behaviour analysis, and herd immunity, informed by insights collected from servers around the globe. It is invaluable to web server owners, helping them adapt their security efforts to changing malware threats without the need to swap one antivirus solution for another.  Imunify360 is an all-inclusive and comprehensive secu...

Firewalls and malware scanners focus on protecting against known attacks, but how do you protect against new security threats? With Proactive Defense in Imunify360 . It proactively stops malware from attacking your websites and servers. It intercepts all activity in real time, analyzes the behavior of PHP scripts, and then stops any known or unknown malicious codes from being executed. Proactive Defense is very effective because it analyzes what PHP scripts do rather than what is actually in the code or file.  Here you will learn how Proactive Defense works and how it stops even the malware that scanners are unable to detect.  View the recorded webinar here.

Proactive Defense , the new feature of Imunify360, has now been released to production for cPanel customers. This new technology has made a significant contribution in our multi-layer security in stopping malware and protecting your Linux Web servers from most, if not all, attacks. Security has to be effective, and Imunify360 with Proactive Defense is. Proactive Defense protects against malicious activity not by scanning and identifying signatures of malware, but by recognizing malicious intent based on the behavior of the PHP scripts. While there are millions of various strains out in the wild, all malware behave in a similar manner, and the number of variations of those behaviors is relati...

​ Software vulnerabilities are constantly being exploited and monetized, and organized crime now consist of large development teams with substantial budgets. It has become a profitable industry that has seen rapid growth, fueled by ransomware schemes and cryptomining exploits, all without dire consequences. Malware is used by attackers to steal data, bypass access controls, remotely execute files, modify system configurations, and much more.  Web applications, such as WordPress and its plugins, are especially appealing to attackers as they are widely used and easily exploited, but Imunify360 -- with the newly released Proactive Defense -- can protect those applications against both...

Recording now available. If you prevent malware from running on your servers in the first place, your Linux web servers will finally be secure! Firewalls and malware scanners focus on protecting against known attacks, but how do you protect against new security threats? With Proactive Defense in Imunify360 . It proactively stops malware from attacking your websites and servers. It intercepts all activity in real time, analyzes the behavior of PHP scripts, and then stops any known or unknown malicious codes from being executed. Proactive Defense is very effective because it analyzes what PHP scripts do rather than what is actually in the code or file. Join Igor Seletskiy and Kirill Bykov to l...

In the past decade, malware has become considerably more sophisticated, but the industry is still focused on developing solutions for cleaning and removing malware. Proactive Defense , the new feature of Imunify360 now in beta, adds a different approach to protect your Linux web servers - it actually prevents malware from running in the first place. Here is how Proactive Defense in Imunify360 works: Proactive Defense continuously analyses running scripts, identifies dangerous behaviors in Linux web servers in real time, then blocks potentially malicious executions automatically and with zero latency. It protects websites running PHP, the most common programming language, against ze...

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in the EU law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.  For the last six months, we were actively working to make all parts of Cloud Linux Inc GDPR compliant. Here is what was done . 

Drupal has recently patched a critical remote code execution exploit, which we wrote about earlier this month. The second part of that vulnerability, CVE-2018-7602 is now here. Again, this vulnerability may result in Drupal sites to be completely compromised. According to Drupal advisory , both of these vulnerabilities are being exploited in the wild. However, if you are using Imunify360 , you don't have to worry about it, at least not for now. Earlier this month, we have added a rule CVE-2018-7600 to our database to detect and block suspicious requests. Now, we have pushed a rule CVE-2018-7602 to master and have deployed it to all our customers.  While we always recommend updating the ...

​After much anticipation, and many requests from our customers, we are happy to announce Imunify360's (beta) support for the DirectAdmin Web hosting control panel! If you are using DirectAdmin, you can now secure your websites with Imunify360.  All Imunify360 features -- advanced firewall, malware scanning (antivirus), IDS/IPS protection, reputation management, and much more -- are now fully integrated into DirectAdmin. The Imunify360 dashboard allows you to quickly check on the overall state of your server security. Once installed, Imunify360 works right out-of-the-box - so servers can be protected right away. For most, the default settings will be sufficient, but you can also configur...

Drupal has recently patched a critical remote code execution exploit SA-CORE-2018-002/CVE-2018-7600 . This vulnerability may result in Drupal sites to be completely compromised. Imunify360 protects against this vulnerability using built-in Web Application Firewall (WAF) as well as the intelligent botnet protection. Our team has pushed out updates where we improved rules and performance, and decreased false positive rate. We have added a rule CVE-2018-7600 to our database to detect and block suspicious requests. While we always recommend updating the vulnerable software, we are happy to secure your sites until you have a chance to do so. According to the Drupal Security Team, this is a highly...

The version 3.0 is now available! We have made tremendous improvements in Imunify360 since it was first released a year ago. Based on the feedback collected from our customers, as well as a substantial technological development, our team has been able to ensure that Imunify360 performs better and delivers great Web server protection to our customers. The latest Imunify360 includes significant improvements such as faster malware scans, better detection of new malware, and four times more of WAF rules. Imunify360 now receives four million security-related events each day with an eightfold decrease in false positives. Imunify360 is the next-generation security solution built for Linux VPS, Dedi...