<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

Imunify360 version 4.9 released

 

IM-major-release

We’re pleased to announce that a new version of Imunify360, an automated security solution for Linux servers, has been scheduled for gradual rollout from our production repository and will be available for all customers in about two weeks or less. The following features are new in the version 4.9 release:

  • Support for CentOS 8 and CloudLinux OS 8
    The current platform versions of these operating systems are now supported in version 4.9.
  • WebShield support for Stand-Alone installation
    Complete support of WebShield in stand-alone installations. Includes HTTPS traffic proxying and protection for SSL configured domains, the same feature set as for cPanel, Plesk and DirectAdmin.
  • File change API support
    The Real-time scanner enables File Change Service/API support on CloudLinux OS 7, as well as an extended folder watchlist.
  • Customized Google reCAPTCHA
    More reliable usage of the Google reCAPTCHA, with custom keys. Recommended for shared-hosting servers and the servers with high traffic websites..
  • The Proactive Defense improvement: Forbid stand-alone malware execution
    Better integration between the Malware scanner and the Proactive Defense that prevents stand-alone malicious files from being executed. This provides better protection against malware drops such as web-shells, phish pages, backdoors, etc.
  • Mass operations for IP management on the Incidents tab
    An enhanced UI that enables easy management of IP addresses: mass whitelisting/blacklisting with a couple of mouse-clicks.

Let’s review the details of these new features:

Support for CentOS 8 and CloudLinux OS 8

Starting from version 4.9, Imunify360 supports the current versions of the operating systems and hosting panels below. It can be installed in the following environments:

  • CentOS 8 with Plesk
  • CentOS 8 with DirectAdmin
  • CentOS 8 as stand-alone
  • CloudLinux OS 8 with DirectAdmin
  • CloudLinux OS 8 as stand-alone

The Imunify360 installation process remains the same.

Note: Extension of supported cPanel and Plesk environments is scheduled for future releases.

Full-featured WebShield in the Stand-Alone installation

Imunify360 now supports stand-alone and custom hosting panel installations.

Greylisting and captcha are available, WebShield serves correct SSL certificates for hosted domains and prevents HTTPS attacks in version 4.9.

Note: the server must recognize WebShield as an internal proxy. For example, mod_remoteip for Apache must be installed and configured like this:

<IfModule remoteip_module>
RemoteIPInternalProxy 127.0.0.1
RemoteIPInternalProxy ::1
RemoteIPHeader X-Real-IP
</IfModule>

Details on how to set up SSL certificates can be found in our blog post WebShield introduction for server administrators.

File Change Service/API support

In version 4.9, the file watcher for real-time scanning has been extended to support File Change API on CloudLinux OS 7. This improves the detection rate on systems with limited monitoring capability  because they don’t support fanotify.

CloudLinux File Change API is a kernel-level technology (a part of CloudLinux OS) that buffers the list of modified files in the kernel, then provides the list to the daemon or external application. Embedded caching reduces IOPS and CPU consumption during the real-time scanning process. Here are more details on how it works.

The changes introduced in version 4.9 are part of the Real-Time Scan, and are enabled by checking the "Optimize real-time scan" checkbox in the Settings:

OptimizeRealTimeScan

Alternatively, it can be enabled via the MALWARE_SCANNING.optimize_realtime_scan config option.

Just run this command to enable it:

# imunify360-agent config update '{"MALWARE_SCANNING": {"optimize_realtime_scan": true}}'

Customized Google reCAPTCHA

Prior to version 4.9, Imunify360 used embedded reCAPTCHA keys to show Google reCAPTCHA challenge for Greylisted IP addresses. It did not require any settings changes to enable a captcha challenge. Due to the new upcoming policy of Google reCAPTCHA and rate limits we require to specify custom Google reCAPTCHA keys. We will continue supporting embedded keys for one more version.

Starting from v4.9, Imunify360 allows an admin to specify reCAPTCHA keys for the server. In further releases, we plan to completely remove embedded keys, and replace Google reCAPTCHA with Splash Screen for the installation without specified custom keys.

Follow this step by step guide to set up the Site key and the Secret key under the General tab in the Imunify360 settings.

GoogleReCaptcha

Or, you can use the following CLI commands to apply the keys:

# imunify360-agent config update '{"WEBSHIELD": {"captcha_site_key": "6LdAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXq2e9xJ"}}'
# imunify360-agent config update '{"WEBSHIELD": {"captcha_secret_key": "6LdAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXvy11D"}}'

Proactive Defense improvement: Forbid standalone malware execution

In version 4.9, Proactive Defense and the Malware Scanner are more tightly integrated. Their internal logic prevents stand-alone malicious executables from running, which will significantly reduce the number of re-infections and new malware drops such as  web-shells, phish pages, and stand-alone backdoors. 

This protection is enabled by default, and doesn’t require any manual settings. Everything you need is to make sure you have enabled real-time protection and configured scheduled scans (at least once per week). Read more details on how to configure recommended protection settings in our blog posts:

Mass operations with IP management

Version 4.9 also includes an often-requested UI enhancement, one that allows bulk processing of IP addresses. It minimizes the time required to perform mass IP actions such as:

  • Moving IPs to the White List/Black List
  • Deleting IPs from a list
  • Moving IPs to a group

IPManagementMassOperations

How To Install

To install the new Imunify360 version 4.9, please follow the installation instructions.

How To Upgrade

If you want to upgrade to the new Imunify360 version 4.9 right now, you can run the following commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imunify-force-update.sh
bash imunify-force-update.sh

For the regular and safe update to Imunify360 version 4.9 with a gradual rollout.

CentOS/CloudLinux systems:

yum update imunify360-firewall

Ubuntu 16.04 and 18.04 systems:

apt-get update
apt-get install --only-upgrade imunify360-firewall

Stay In Touch

Please give our product team feedback on this Imunify360 version 4.9 release, or share your ideas and feature requests via feedback@imunify360.com.

If you encounter any problems with this release, please send a comment or request to our Imunify support team via https://cloudlinux.zendesk.com.

Imunify360 version 4.9 released

 

IM-major-release

We’re pleased to announce that a new version of Imunify360, an automated security solution for Linux servers, has been scheduled for gradual rollout from our production repository and will be available for all customers in about two weeks or less. The following features are new in the version 4.9 release:

  • Support for CentOS 8 and CloudLinux OS 8
    The current platform versions of these operating systems are now supported in version 4.9.
  • WebShield support for Stand-Alone installation
    Complete support of WebShield in stand-alone installations. Includes HTTPS traffic proxying and protection for SSL configured domains, the same feature set as for cPanel, Plesk and DirectAdmin.
  • File change API support
    The Real-time scanner enables File Change Service/API support on CloudLinux OS 7, as well as an extended folder watchlist.
  • Customized Google reCAPTCHA
    More reliable usage of the Google reCAPTCHA, with custom keys. Recommended for shared-hosting servers and the servers with high traffic websites..
  • The Proactive Defense improvement: Forbid stand-alone malware execution
    Better integration between the Malware scanner and the Proactive Defense that prevents stand-alone malicious files from being executed. This provides better protection against malware drops such as web-shells, phish pages, backdoors, etc.
  • Mass operations for IP management on the Incidents tab
    An enhanced UI that enables easy management of IP addresses: mass whitelisting/blacklisting with a couple of mouse-clicks.

Let’s review the details of these new features:

Support for CentOS 8 and CloudLinux OS 8

Starting from version 4.9, Imunify360 supports the current versions of the operating systems and hosting panels below. It can be installed in the following environments:

  • CentOS 8 with Plesk
  • CentOS 8 with DirectAdmin
  • CentOS 8 as stand-alone
  • CloudLinux OS 8 with DirectAdmin
  • CloudLinux OS 8 as stand-alone

The Imunify360 installation process remains the same.

Note: Extension of supported cPanel and Plesk environments is scheduled for future releases.

Full-featured WebShield in the Stand-Alone installation

Imunify360 now supports stand-alone and custom hosting panel installations.

Greylisting and captcha are available, WebShield serves correct SSL certificates for hosted domains and prevents HTTPS attacks in version 4.9.

Note: the server must recognize WebShield as an internal proxy. For example, mod_remoteip for Apache must be installed and configured like this:

<IfModule remoteip_module>
RemoteIPInternalProxy 127.0.0.1
RemoteIPInternalProxy ::1
RemoteIPHeader X-Real-IP
</IfModule>

Details on how to set up SSL certificates can be found in our blog post WebShield introduction for server administrators.

File Change Service/API support

In version 4.9, the file watcher for real-time scanning has been extended to support File Change API on CloudLinux OS 7. This improves the detection rate on systems with limited monitoring capability  because they don’t support fanotify.

CloudLinux File Change API is a kernel-level technology (a part of CloudLinux OS) that buffers the list of modified files in the kernel, then provides the list to the daemon or external application. Embedded caching reduces IOPS and CPU consumption during the real-time scanning process. Here are more details on how it works.

The changes introduced in version 4.9 are part of the Real-Time Scan, and are enabled by checking the "Optimize real-time scan" checkbox in the Settings:

OptimizeRealTimeScan

Alternatively, it can be enabled via the MALWARE_SCANNING.optimize_realtime_scan config option.

Just run this command to enable it:

# imunify360-agent config update '{"MALWARE_SCANNING": {"optimize_realtime_scan": true}}'

Customized Google reCAPTCHA

Prior to version 4.9, Imunify360 used embedded reCAPTCHA keys to show Google reCAPTCHA challenge for Greylisted IP addresses. It did not require any settings changes to enable a captcha challenge. Due to the new upcoming policy of Google reCAPTCHA and rate limits we require to specify custom Google reCAPTCHA keys. We will continue supporting embedded keys for one more version.

Starting from v4.9, Imunify360 allows an admin to specify reCAPTCHA keys for the server. In further releases, we plan to completely remove embedded keys, and replace Google reCAPTCHA with Splash Screen for the installation without specified custom keys.

Follow this step by step guide to set up the Site key and the Secret key under the General tab in the Imunify360 settings.

GoogleReCaptcha

Or, you can use the following CLI commands to apply the keys:

# imunify360-agent config update '{"WEBSHIELD": {"captcha_site_key": "6LdAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXq2e9xJ"}}'
# imunify360-agent config update '{"WEBSHIELD": {"captcha_secret_key": "6LdAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXvy11D"}}'

Proactive Defense improvement: Forbid standalone malware execution

In version 4.9, Proactive Defense and the Malware Scanner are more tightly integrated. Their internal logic prevents stand-alone malicious executables from running, which will significantly reduce the number of re-infections and new malware drops such as  web-shells, phish pages, and stand-alone backdoors. 

This protection is enabled by default, and doesn’t require any manual settings. Everything you need is to make sure you have enabled real-time protection and configured scheduled scans (at least once per week). Read more details on how to configure recommended protection settings in our blog posts:

Mass operations with IP management

Version 4.9 also includes an often-requested UI enhancement, one that allows bulk processing of IP addresses. It minimizes the time required to perform mass IP actions such as:

  • Moving IPs to the White List/Black List
  • Deleting IPs from a list
  • Moving IPs to a group

IPManagementMassOperations

How To Install

To install the new Imunify360 version 4.9, please follow the installation instructions.

How To Upgrade

If you want to upgrade to the new Imunify360 version 4.9 right now, you can run the following commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imunify-force-update.sh
bash imunify-force-update.sh

For the regular and safe update to Imunify360 version 4.9 with a gradual rollout.

CentOS/CloudLinux systems:

yum update imunify360-firewall

Ubuntu 16.04 and 18.04 systems:

apt-get update
apt-get install --only-upgrade imunify360-firewall

Stay In Touch

Please give our product team feedback on this Imunify360 version 4.9 release, or share your ideas and feature requests via feedback@imunify360.com.

If you encounter any problems with this release, please send a comment or request to our Imunify support team via https://cloudlinux.zendesk.com.

Subscribe to Imunify security Newsletter