Imunify360: Security solution with linux malware scanner for servers
From CloudLinux, the makers of the #1 OS for web-hosting
For cPanel, Plesk, Direct Admin and stand-alone installation
Choose Imunify Security product to learn more
Prevention is always better than Cure… but just in case, we have BOTH
Imunify360 is a comprehensive security platform for web-hosting servers. It utilizes highly tailored and integrated components for proactive real-time website protection and web server security. It’s not just antivirus or WAF. Imunify360 combines an Intrusion Prevention and Detection system, a Web Application Firewall, Real-time Antivirus protection, a Network Firewall, and Patch Management components. These elements are seamlessly integrated for flawless interoperability that instantly detects, fixes, and protects from any threats that a web-hosting service may encounter.
Robust protection against cyber attacks
Imunify360 is a completely automated security solution. It includes a distributed Threat Intelligence approach, which processes data reported by all running Imunify360 instances. Upon first cyber-attack or threat detection, Imunify360 provides instant protection. Moreover, we empowered it with a Machine Learning algorithm and heuristics running in the Cloud to make it even stronger. Servers under Imunify360 protection gain collective heard immunity because they share threat information in real-time. Our sophisticated detection of known and unknown security threats, including the infamous zero-day and distributed brute-force attacks, delivers robust and comprehensive protection for your server.
Next-Level Proprietary Technology Protects Your System from Known and Unknown Malware
Imunify360 analyses scripts in real-time and recognizes dangerous execution flows. This means you no longer need to watch CVE lists to identify current exploits. Imunify360 stops malicious PHP scripts, both new and old, preventing them from running on your servers. Innovative PHP Immunity technology makes any web application invulnerable. Additionally, Imunify360 shares data with WAF and antivirus, giving your servers an added layer of protection.
A Significantly Lower False Positive Rate is a Top Priority
With Imunify360 protection, you can forget about false alarms and keep your business & website protected when it matters most. Our protection makes Imunify360 a must-have for any business.
Hands-off integration right inside your hosting control panel, with 24x7 support
Imunify360 can be used right out of the box. Control Panel integration means your servers receive instant protection. You can check in on the overall state of your server’s security through the integrated Web interface and Dashboard inside your hosting control panel (cPanel, Plesk, DirectAdmin, and as a stand-alone installation without a panel).
Multi-Layered Security for Your Linux Web Server
Out of the Box Layered Protection at the Network Level
The Network layer consists of a Web-Application Firewall together with WebShield and a Network Firewall. This layer protects against different web attacks sent via HTTP/HTTPS as regular traffic and from a CDN or Proxy. Each component uses cloud-based information, and many attacks are blocked in real-time. Attackers cannot bypass the protection while collecting information. Additionally, the network layer does not wait for attackers to reach a threshold. Imunify360 offers 360 degrees protection leaving no possibility for the malware to go through to the clients’ servers.
Advanced Web-Application Firewall keeps your servers up & running
The firewall tightly integrates with ModSecurity web application firewalls supplied by low false positives rules to enhance its usefulness. In combination with WAF, Imunify360 stops the majority of web application attacks even before they start. An advanced Captcha system and Splash Screen are employed to halt malicious activity and ensure valid customers can reach your website.
Webshield
Intrusion Detection and Prevention Systems
Lastly, our Network Firewall and Intrusion Detection and Prevention Systems include IP management. This is an Imunify Pluggable Authentication Modules extension, Open Source HIDS Security, and Port Firewall that prevents all system services attacks against FTP, SSH, IMAP/SMTP, etc.
The majority of hosting providers say that remote exploit is a top issue for their customers’ web servers. With IDS and IPS in Imunify360, you will be protected from inside out and outside in.
Imunify360 features an excellent Intrusion Prevention System (IPS) that includes a comprehensive collection of “deny” policy rules that block all attacks. And are effective against those who use custom or well-known exploit tools.
By monitoring server logs, the Intrusion Detection System (IDS) provides excellent visibility of server security. It scans log files from several different angles and bans IPs that show signs of malicious activity. This activity includes password failures, potential exploits, etc., and reports the data Imunify360’s Dashboard.
PROACTIVE DEFENSE: No chances for malware on the server
The second layer of protection happens at the Application service level of your server. Our unique Proactive Defense technology detects and blocks malicious execution flow in runtime. It analyzes the PHP script behavior and prevents it from causing any harm to the server. It either blocks the entire script execution or just the malicious flow. This is crucially important because malicious code is often hidden: obfuscated, injected in the middle of the legitimate file, fetched from the network dynamically, and placed in the database. Proactive Defense sees right away when it is executed and stops it before it causes any damage to the server.
File-System Level Protection During File Input/Output Operations
The final layer of defense occurs at the File-System level during file input/output operations. The file system is where Imunify Antivirus comes into play.
It includes:
A real-time file scanner. When a file is loaded into the system, it is scanned. If it is malicious, it is cleaned. This mitigates the destructive effects on an unprotected system and is most helpful for an already infected system.
A background (regular) Antivirus program that performs regular file checks in the background to keep your server clean.
On-Demand Antivirus that can be run at any time by administrators or end-users to check any arbitrary folder against malware.
A WordPress database scanner that checks WordPress records against malicious injection of javascript, iframes, and other content.
Cloud & Herd Antivirus to ensure your security
• A term we use is “herd immunity” – a collective immunity for our customers based on data related to incidents and attacks accumulated from all Imunify360 instances. We analyze incidents in real-time and produce protection rules we then distribute to all Imunify installations. Once an attacker is identified, we proactively block malicious activity on all servers.
• The cloud-based component has a Real-time blacklist server containing blacklisted IP subnets and IPs for specific URL zones used in the WAF RBL module working server-side.
Centralized threat monitoring made easy
Imunify360 combines WAF, IDS, IPS, Network Firewall, Proactive Defense, and File Antivirus as a single working engine. It shares data amongst all system components and provides a much higher level of protection. United under a centralized incident management system, this is “synergy” not found with separate standard security components installed on the system.
A central dashboard is available directly in your control panel. This lets you check the overall state of your server and manage all aspects of its security. The central dashboard displays all security events, with the latest incidents updated in real-time. The central dashboard is customizable and allows filtering and event selection based on various parameters, review the details of incidents, access white list and blacklist management features, view settings, reports, and much more.
Near-instant recovery of infected files from backup
CloudLinux Backup for Imunify360 offers superior protection for your data and systems to defend against malicious attacks, malware infections, file corruptions, and website loss. It is powered by the fast and reliable Acronis backup technology. CloudLinux Backup stores your data in the Cloud, in an offsite location with multiple remote options available.
COMPARE PRODUCTS
$12/mo
or $5 per server
for more than 5 servers
Malware scanner detects and cleanup with advanced file deobfuscation techniques enable detection of encrypted malicious code embedded in files, which can be cleaned automatically in one-click.
LEARN MORE
$6/mo
Free version of our malware scanner that detects any type of malicious file, including backdoors, web-shells, viruses, hacker tools, ‘blackhat SEO’ scripts, phishing pages, and many others.
LEARN MORE
FREE
Real-time Malware Processing
Scheduled/On-Demand Malware Scanning
Malware Database Scanner
Incident Reporting via UI and API
Automation via Command-Line and API3rd-Party Solution Integration (CSF/lfd/cpHulk)
Hosting Panel Integration (cPanel/Plesk)
24/7 Professional Technical Support
Automated Malware Clean-up
Account Brute-Force Prevention (for FTP, SSH, SMTP, Hosting Panel accounts, WordPress)
Web-Attack Protection
Port-Scanning Protection
L7 DoS Protection
Outdated/Vulnerable Software Patching
Backup Solution Integration
Domain Reputation Management
SMTP Traffic Management
Server Group Management
Scheduled/On-Demand Malware Scanning
Malware Database Scanner
Incident Reporting via UI and API
Automation via Command-Line and API3rd-Party Solution Integration (CSF/lfd/cpHulk)
Hosting Panel Integration (cPanel/Plesk)
24/7 Professional Technical Support
One-click Malware Clean-up
Scheduled/On-Demand Malware Scanning
Malware Database Scanner
Incident Reporting via UI and API
Automation via Command-Line and API3rd-Party Solution Integration (CSF/lfd/cpHulk)
Hosting Panel Integration (cPanel/Plesk)
24/7 Professional Technical Support
Blocks attacks through all of technologies at a time: signature matching, real-time behavior analysis for blocking malware, and cloud heuristics powered by insights collected from servers all over the world.
LEARN MORE
$12/mo
or $5 per server
for more than 5 servers
Real-time Malware Processing
Scheduled/On-Demand Malware Scanning
Malware Database Scanner
Incident Reporting via UI and API
Automation via Command-Line and API3rd-Party Solution Integration (CSF/lfd/cpHulk)
Hosting Panel Integration (cPanel/Plesk)
24/7 Professional Technical Support
Automated Malware Clean-up
Account Brute-Force Prevention (for FTP, SSH, SMTP, Hosting Panel accounts, WordPress)
Web-Attack Protection
Port-Scanning Protection
L7 DoS Protection
Outdated/Vulnerable Software Patching
Backup Solution Integration
Domain Reputation Management
SMTP Traffic Management
Server Group Management
Frequently Asked Questions
What is Imunify360?
Imunify360 is a comprehensive security suite for linux web-servers. Antivirus, Firewall, WAF, PHP Security Layer, Patch Management, Domain Reputation with easy UI and advanced automation. Find out more about Imunify360 and how it works here.
Does Imunify360 have a linux malware scanner for servers?
Yes, Imunify360’s Linux Malware Scanner for servers scans file systems for malware injection and automatically cleans it. Its effective dashboard also allows a user to monitor all incidents at hand in one place.
What systems do you support?
We support all the popular systems CloudLinux OS 6,7,8, Ubuntu 16,18, 20, CentOS 6,7,8, Debian 7,8,9,10, RHEL 6,7,8, AlmaLinux 8
What panels do you support?
We have a simple installation at any of these panels – cPanel & WHM, Direct Admin, ISPmanager, and Plesk.
What should I do if I do not have a hosting panel?
Imunify360 offers Stand-alone installation. The detailed instructions are available here.
How can I test Imunify360?
You could explore Imunify360’s all set of features free for 14 days on an unlimited number of servers. No credit card information required. After the trial period is over, you can purchase an Imunify360 license via CloudLinux Network (CLN) by logging in to cln.cloudlinux.com.
Where I can find the list of providers that offer Imunify360?
The list is available in our Partner directory here.
What cleanup options are available for threats found?
Imunify360 cleans up all files it can detect. This can include trimming a file (instead of removing) when it is standalone malware and removing injection from a good file – when malware is injected into a good file.
Imunify360 supports automatic cleanup, manual cleanup, and restore from backup modes for dealing with malware.
Does it offer DB scanning support?
Database scanning with fully functional GUI is coming in v6.0.
If we were to find threats that were not flagged, how would we go about reporting them?
The same command as above except with the false-negative option.
An example of CLI command is:
# imunify360-agent submit false-negative /home/ssdcsdfe/public_html/FN_file.php
Our malware analysts team handles such files during 1 business day and rolling out an updated malware database for all our customers.
What is Proactive Defense?
Proactive Defense relies on a proactive approach to security. It stops malware before any malicious code or script is executed. With Imunify360 Proactive Defense no hidden or obfuscated malware will get to our server.
What is Herd Antivirus?
Herd Antivirus uses a collective immunity to build its protection rules to ensure safety of all servers. All incidents and attacks are accumulated from all instances, analyzed, used as basis for protection rules and later on distributed across all the accounts. Later on, earlier identified incidents are blocked on all servers.
How do I get started with Imunify360?
Our Getting Started guide will guide you through all the steps of the installation process and help you explore all features of Imunify360.
What is the price of Imunify360?
The pricing of Imunify360 starts at 6 USD /mo. You can find more information about pricing here.
How can I buy Imunify360?
You can purchase Imunify360 either via CloudLinux Network (CLN) by logging in to cln.cloudlinux.com or contact [email protected].
How to become a partner or reseller?
We have created this handy Partner Guide to help you effectively promote Imunify360 to your Shared and VPS customers and accelerate your sales. You can learn more about the Imunify360 partner program here.
Where to find Imunify360’s documentation?
You can find all technical documentation about Imunify360 here.
Do I still need ImunifyAV(+) after buying Imunify360?
No, you do not need ImunifyAV (free Linux server antivirus) or AV+, Imunify360 provides full protection and both ImunifyAV+ and ImunifyAV are included into Imunify360 security suite.
If we were to find false positives, how would we go about reporting them?
It’s very unlikely that you will as our malware analysts team register average at around 1 false positive per 20M sites per week, and that typically affects less than 10 sites, but if you do:
# imunify360-agent submit --help
usage: imunify360-agent submit [-h] {false-negative,false-positive} ...
positional arguments:
{false-negative,false-positive}
Available commands
false-negative Submit a false-negative file for analisys
false-positive Submit a false-positive file for analisys
An example of CLI command is:
# imunify360-agent submit false-positive --reason "reason description" /home/xyz/public_html/FP_file.php
Or you could open a ticket to our support team and attach an FP file to a ticket (https://www.imunify360.com/support/new).