Sergey Khristich

What 3 features are the most valuable for you in Imunify360?

We really appreciate your participation and want to thank you all for your contribution to the Imunify products. Our last poll was about the security policy you choose for your servers. ~95% of participants voted for “Block everything but leave some certain ports opened”. This time we’d like you to share your thoughts about Imunify features. Please use the comments below the poll for feature requests, advice and other extended comments.
Inessa Atmachian

Beta: ImunifyAV 4.2.5 updated

We are pleased to announce that the new updated ImunifyAV version 4.2.5 beta is now available.

Fixes

DEF-8928: fixed KeyError 'license_type'

How to install

To install the new ImunifyAV version 4.2.5, please run the commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh
bash imav-deploy.sh --beta

To upgrade ImunifyAV on CentOS/CloudLinux systems, run the command:

yum update imunify-antivirus --enablerepo=imunify360-testing
Inessa Atmachian

Beta: Imunify360 4.2.5 updated

We are pleased to announce that the new updated Imunify360 version 4.2.5 beta is now available.

Fixes

DEF-8928: fixed KeyError 'license_type'

Tasks

DEF-8996: the new package of Proactive Defense 4.2.2-1.4 is added to release of agent 4.2.x

How to install

To install the new Imunify360 version 4.2.5 beta

Please follow the instructions in the documentation.

To upgrade Imunify360 on CentOS/CloudLinux systems

Run the command:

Naveen Velusamy

Malware Masquerading as a Web Server Image Processor

Introduction

Your web server's image processor could be malware hiding in plain sight.

I'm going to describe an interesting type of malware that the Malware Intelligence Team uncovered during a recent research operation.

At the time of writing, there were 11,320 cases of it detected and neutralized on 265 websites across 183 servers.

It is a particularly ingenious and potentially destructive type of malware: it is designed to appear as a legitimate image processor, and can act as a backdoor to your web server.

A backdoor is malicious software that lets a hacker get back into your server even after you detect and remove their access credentials. When a hacker gets into your site, the first thing they do is upload a backdoor.

Inessa Atmachian

Beta: ImunifyAV 4.2.4 updated

We are pleased to announce that the new updated ImunifyAV version 4.2.4 beta is now available.

Fixes

DEF-8904: fixed upgrade_url for ImunifyAV

How to install

To install the new ImunifyAV version 4.2.4, please run the commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh
bash imav-deploy.sh --beta

To upgrade ImunifyAV on CentOS/CloudLinux systems, run the command:

yum update imunify-antivirus --enablerepo=imunify360-testing
Inessa Atmachian

Beta: Imunify360 4.2.4 updated

We are pleased to announce that the new updated Imunify360 version 4.2.4 beta is now available.

Fixes

DEF-8777: fixed an issue when two admin contacts modal dialogs appear at once right after EULA is accepted

Tasks

DEF-8919: OSSEC 3.1.0-30 beta release
DEF-8922: the new package of Proactive Defense 4.2.2-1.2 is added to the release of agent 4.2.x

How to install

To install the new Imunify360 version 4.2.4 beta

Please follow the instructions in the documentation.

To upgrade Imunify360 on CentOS/CloudLinux systems

Run the command:

Greg Zemskov

An Introduction to Imunify Hooks

In Imunify360 v4.2 beta, we introduced “Hooks”, a new way to handle asynchronous events coming from the Imunify agent. It works like a simple event handler. For example, you can create a script that will run when malware is detected (right after the on-demand or background scan is finished).

The script is put on the server and registered via the Imunify360 command-line interface. In the script, you can specify a set of actions based on the scanning report received from Imunify360: for example, suspend a user account infected with malware, send out an email notification, or submit a ticket for the client. Hooks are just executables, so they can be written in any language (bash, php, python, etc.).

We’ve had a lot of questions regarding the practical use of hooks. So, we’ve created this article to show you an example of a hook that runs when malware is detected, and suspends the cPanel user account when the number of infected files exceeds three.

Here are the steps to create the hook:

Create a file (e.g. /root/hooks/hook.php) with the following content:

Inessa Atmachian

Beta: ImunifyAV 4.2.3 updated

We are pleased to announce that the new updated ImunifyAV version 4.2.3 beta is now available.

Fixes

DEF-8635: there are imunify-service INFO messages in syslog
DEF-8768: TypeError: Can't convert 'bytes' object to str implicitly

Tasks

DEF-8838: AI-BOLIT4.0.2-1 is added to the release of agent 4.2.x

How to install

To install the new ImunifyAV version 4.2.3, please run the commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh
bash imav-deploy.sh --beta

To upgrade ImunifyAV on CentOS/CloudLinux systems, run the command:

yum update imunify-antivirus --enablerepo=imunify360-testing
Inessa Atmachian

Beta: Imunify360 4.2.3 updated

We are pleased to announce that the new updated Imunify360 version 4.2.3 beta is now available.

Fixes

DEF-7932: don't block IPs that are already manually added to the BLACK, GRAY, or WHITE list
DEF-8635: there are imunify-service INFO messages in syslog
DEF-8761: AttributeError: 'NoneType' object has no attribute 'groups'
DEF-8768: TypeError: Can't convert 'bytes' object to str implicitly

Tasks

DEF-8836: the new package of Proactive Defense 4.2.0-1.20 is added to the release of agent 4.2.x
DEF-8838: AI-BOLIT4.0.2-1 is added to the release of agent 4.2.x
DEF-8845: bumped WebShield version to 1.7-12 for Imunify360 v. 4.2 and master
DEF-8848: added OSSEC 3.1.0-29 to the dependencies

How to install

To install the new Imunify360 version 4.2.3 beta

Please follow the instructions in the documentation.

To upgrade Imunify360 on CentOS/CloudLinux systems

Run the command:

Andrey Kucherov

HiddenWasp: How to detect malware hidden on Linux & IoT

There’s a dangerous new malware affecting Linux and IoT devices known as HiddenWasp. In this article, I’ll dissect it to show you how it works and how you can stop it infecting your Linux server or IoT device.

Paul Jacobs

Beta: ImunifyAV 4.2.2 updated

We are pleased to announce that the new updated ImunifyAV version 4.2.2 beta is now available.

Fixes

[DEF–8687] - imunifyAV is scanning php session files too
[DEF–8731] - ImunifyAV service in cPanel service manager should be updated
[DEF–8757] - Sentry tags are missing

How to install

To install the new ImunifyAV version 4.2.2, please run the commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh
bash imav-deploy.sh --beta

To upgrade ImunifyAV on CentOS/CloudLinux systems, run the command:

yum update imunify-antivirus --enablerepo=imunify360-testing
Paul Jacobs

Beta: Imunify360 4.2.2 updated

We are pleased to announce that the new updated Imunify360 version 4.2.2 beta is now available.

Fixes

[DEF–8687] - Imunify360 is scanning php session files too
[DEF–8731] - Imunify360 service in cPanel service manager should be updated
[DEF–8757] - Sentry tags are missing

How to install

To install the new Imunify360 version 4.2.2 beta

Please follow the instructions in the documentation.

To upgrade Imunify360 on CentOS/CloudLinux systems

Run the command:

Greg Zemskov

How to disable ClamAV in Imunify360

We no longer use ClamAV for malicious file detection, and keep it as a part of Imunify360 only for detecting suspicious files. Starting from Imunify360 v4.3, we're removing it completely. Given that it may consume lots of resources while running on some configurations, you may want to disable it in Imunify360 prior to the v4.3 release. Here are brief instructions for how to do that in v4.2.

To disable ClamAV, set an empty value for the 'clamav_binary' option in /etc/sysconfig/imunify360/imunify360.config (default is /usr/bin/clamscan):

MALWARE_SCANNING:
  clamav_binary:

That's it. If you have any questions or need further assistance, please get in touch.
Paul Jacobs

Beta: ImunifyAV 4.2.1 released

We are pleased to announce that a new ImunifyAV Beta version 4.2.1 is now available for download from our updates-testing repository.

Paul Jacobs

Beta: Imunify360 4.2.1 released

We are pleased to announce that a new Imunify360 Beta version 4.2.1 is now available for download from our updates-testing repository.

Inessa Atmachian

WAF rulesets released

We are pleased to announce that the new updated WAF rulesets version 2.45 has been released.

Changelog

fixed the false positive triggering for ACF fields WordPress plugin;
after monitoring and analysis disabled the rule for GetSimple CMS before 3.3.6 due to high FP rate;
optimized the usage of default_SESSION.pag data file.

Stay in touch

If you encounter any problems with the product or you have feedback and ideas to share, please send a request to our Imunify360 support team via cloudlinux.zendesk.com.
Tags:
WAF
Greg Zemskov

New Knowledgebase Article: How to Replicate Imunify360 Config

We have a nice, new, time-saving tip over on the CloudLinux KnowledgeBase.

It tells you how to copy Imunify360 configurations from one server to another.

Read it here.

If there’s anything else you’d like us to write about, please let us know.

Inessa Atmachian

WHMCS plugin version 1.3.5 is here

We are pleased to announce that the new updated WHMCS plugin version 1.3.5 is now available. This latest version embodies further improvements of the product as well as new features. If you encounter any problems with the product or have any questions, comments, or suggestions, please contact our support team at cloudlinux.zendesk.com: the Imunify360 department. We’d be more than happy to help.

Changelog:

DEF-8495: added the additional check for models. Hide CloudLinux section in the client area if there are no CloudLinux licenses.

To upgrade WHMCS plugin, please do the following:

Download CloudLinux Licenses for WHMCS: http://repo.cloudlinux.com/plugins/whmcs-cl-plugin-latest.zip . U...
Inessa Atmachian

Imunify360 4.1.0-9 released

We are pleased to announce that the new Imunify360 version 4.1.0-9 is now scheduled for gradual roll-out from our production repository and will be available for all customers in about two weeks or less. If you'd like to get updated Imunify360 version 4.1.0-9 now, please send the list of server IPs to our support team. That way you'll be added to the list and get those updates instantly.

Improvements

Automatic Scheduled/Background Malware Scanning

Many of our users have been waiting for automatic, scheduled, background scanning of user accounts. It’s now here. You decide the interval, day and time of scanning. We will be adding scan result notifications in l...
Alex Yevelev

Imunify360 and Mắt Bão: Cybersecurity and the Eye of the Storm

Mắt Bão is a leading Vietnamese IT services and hosting provider, and, we’re proud to say, a new Imunify360 customer.

The company name means ‘eye of the storm’. Founder and chairman of the board Le Hai Binh chose the name, inspired by a Vanessa-Mae concert.

Since 2003, Mắt Bão has been providing hosting and technical services to hundreds of thousands of customers, with services covering rack and cloud hosting, local and international domain name registration, email services, website design, everything a digital venture needs to make a mark in a competitive online world.

Now, with over 300 employees, Mắt Bão wants to do more for businesses. They want to help start-ups and incubator companies get off the ground, to mature and prosper; they want to help established enterprises improve their digital performance and ROI. To do this, Mắt Bão offers many free resources to the community, such as ebooks and workshops on how to be successful in online environments. Places for their monthly workshops are limited and quickly filled, due, in part, to being hosted by popular and well-known industry speakers.

Although CloudLinux and Mắt Bão have different languages and different cultures, we still have a lot in common. Like us, Mắt Bão rises above their competitors with a focus on excellent customer care, 24x7x365 world-class support, and water-tight SLAs.
