We’re pleased to announce that a new version of Imunify360, an automated security solution for Linux servers, has been scheduled for gradual rollout from our production repository and will be available for all customers in about two weeks or less. If you’d like to get it earlier, see instruction at the end of the post.
The Imunify360 v.4.8 release introduces the following changes and features:
Enhanced coverage of the real-time scanner, including a user’s home directory, and everything it encloses.
Let’s review the details of these new features:
We’re focusing on automated security, and we’re looking for a way to maximize Web Application Firewall effectiveness (cover as many attacks as possible), yet minimize “false-positives” for them.
In order to make our automated WAF more accurate, we introduced the WAF Rules Auto-Configurator, which generates a set of rules on a per-domain basis, considering the content management system (CMS), that the website is running (WordPress, Joomla, etc).
It works in the background and scans domains for the installed CMS daily. After that, it rebuilds the ModSec configuration based on the detected software.
The main benefits of this feature are:
From the CLI, this feature can be enabled with the following command:
imunify360-agent config update '{"MOD_SEC": {"app_specific_ruleset": true}}'Note: it can take some time to scan all software on the server and reconfigure ModSecurity rules in an optimal way. To force the process, you can run this command:
/opt/alt/python35/share/imunify360/scripts/update_components_versions.py --update-modsec-rulesetsPreviously, the stand-alone installation of Imunify360 supported only the Apache web server. With the new 4.8 version, it can be installed on any server with LiteSpeed. All general functionality, including Malware Scan, cleanup, backup, etc. is available there.
You can find more information on the supported software here.
We introduced a couple of enhancements in the UI of the Malware Scanner.
The first one is the badge in the History tab. It shows the number of missed events in the Malware Scanner’s History. Now you won’t miss any automatic actions applied to infected files, since they will be listed in the History tab and shown in the badge.
Another enhancement is the chart in the Dashboard that lists the number of cleaned malicious files.
Note: charts are available in the Imunify360 Dashboard only.
We’ve frequently been asked for a way to enable “scan” action for end-users, so they could run a scan at any time on their own.
This option is now available in the config file, or via the command-line interface.
With respect to resource consumption, all user scans are scheduled using a single queue. Thus, multiple scans requested by users will not affect server performance.
Note: end-user scans are disabled by default.
To enable this setting via the command-line interface, use this command:
imunify360-agent config update '{"PERMISSIONS": {"allow_malware_scan": true}}'Regarding CPU and memory usage, the entire malware scan process is under strict control. Now it manages resource usage intensity during list preparation, which is beneficial during a scan of a sizable subset of files (thousands of user accounts, millions of files).
The current implementation of the Real-time Scan watches for any new or modified files within the user’s home folders and deeper. Thus, it can instantly detect malware uploaded via the panel file explorer, via (S)FTP, or dropped by other malicious scripts above the public_html or public_ftp folders.
It also has a comprehensive set of excluded masks to prevent system files from false-positive detection.
To install the new Imunify360 v.4.8, please follow the installation instructions.
If you want to upgrade to the new Imunify360 version 4.8 right now, you can run the following commands:
wget https://repo.imunify360.cloudlinux.com/defence360/imunify-force-update.sh
bash imunify-force-update.shFor the regular and safe update to v. 4.8 with a gradual rollout.
CentOS/CloudLinux systems:
yum update imunify360-firewallUbuntu systems:
apt-get update
apt-get install --only-upgrade imunify360-firewallA list of issues/bugfixes linked to support tickets:
Please give our product team feedback on this Imunify360 v.4.8 beta release, or share your ideas and feature requests via feedback@imunify360.com.
If you encounter any problems with this beta release, please send a comment or request to our Imunify support team via https://cloudlinux.zendesk.com.