Imunify360 Blog

Imunify360 version 5.2.2 updated

Written by Inessa Atmachian | Sep 21, 2020 2:26:24 PM

 

We’re pleased to announce that a new version of Imunify360, version 5.2, is now available. The following features are new in the v5.2 release:

    • New Setting Advisor
      The Imunify  Advisor is a new feature in the Imunify360 user interface. It provides specific recommendations for each server protected by Imunify360, displaying an optimal configuration that can be applied with a single mouse click.
    • Enhanced PHP Immunity
      The PHP Immunity component of Imunify360 includes two major improvements that help make PHP code immune to infection. It’s now capable of processing relative paths in file-related PHP functions, and also has an optimized message reduction mechanism.
    • New Rollout Process
      Beginning with Imunify360 version 5.2, a new, more-gradual release process will make the software more stable and bug-free, and the release cycle shorter.

Let’s review the changes in version 5.2: 

New Setting Advisor

The Imunify Advisor is a new recommendation feature that checks a server’s current settings, then provides a list of optimal settings for that individual server. A dialog box pops up to display these settings, which can be applied with a single mouse click. With Imunify Advisor, you never overlook critical configuration settings.

The Imunify Advisor is also useful when evaluating experimental features. They can be safely enabled without making a server’s configuration unstable. 

This feature is ON  by default, but may be overridden using the following CLI commands:

# imunify360-agent config update '{"PERMISSIONS": {"advisor": false}}'
# imunify360-agent config update '{"PERMISSIONS": {"advisor": true}}'

Enhanced PHP Immunity

The PHP Immunity component of Imunify360 now includes two major updates, both related to the Blamer component: 

  • New Blamer message reduction mechanics reduce the number of recurring events. This makes it easier to identify important events, speeds up incident processing, and saves memory on the server. 
  • Relative paths processed by Blamer are now as effective as full paths. This leaves no chance for malware to pass through unnoticed, and enables better PHP malware detection and blocking in Proactive Defense.

This component is still experimental, and is disabled by default. To enable PHP Immunity, just go to the Malware tab and check the PHP Immunity checkbox.

You can also enable PHP Immunity with this CLI command:

# imunify360-agent config update '{"PROACTIVE_DEFENCE": {"php_immunity": true}}'

Note: By enabling this feature, Blamer will be enabled automatically, and Proactive Defense will be automatically switched to KILL mode.

New Rollout Process 

We’re preparing to switch to a more gradual, reliable rollout system for Imunify360, so during the version 5.2 update each Imunify360 server will get eight additional repositories: four will be used to control the gradual release process, and another four will enable instant updates and bypass of the rollout system if desired. 

Information regarding these new repositories is included in the following files:

CentOS:

/etc/yum.repos.d/imunify-rollout.repo

Ubuntu:

/etc/apt/source.list.d/imunify360-rollout.list

/etc/apt/source.list.d/imunify360-rollout-bypass.list.disabled

Content of /etc/yum.repos.d/imunify-rollout.repo:

[imunify360-rollout-1]
name=Imunify360 - Gradual Rollout Slot 1
baseurl=https://download.imunify360.com/el/$releasever/slot-1/x86_64/
enabled=1
gpgcheck=1
gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux
skip_if_unavailable=True

[imunify360-rollout-1-bypass]
name=Imunify360 - Gradual Rollout Slot 1 Bypass
baseurl=https://download.imunify360.com/el/$releasever/slot-1-bypass/x86_64/
enabled=0
gpgcheck=1
gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux
skip_if_unavailable=True

[imunify360-rollout-2]
name=Imunify360 - Gradual Rollout Slot 2
baseurl=https://download.imunify360.com/el/$releasever/slot-2/x86_64/
enabled=1
gpgcheck=1
gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux
skip_if_unavailable=True

[imunify360-rollout-2-bypass]
name=Imunify360 - Gradual Rollout Slot 2 Bypass
baseurl=https://download.imunify360.com/el/$releasever/slot-2-bypass/x86_64/
enabled=0
gpgcheck=1
gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux
skip_if_unavailable=True
. . .

Additional information

Imunify360 v5.2 includes 32 tasks and 3 bug fixes.

Internal records

Important tasks and issues linked to support tickets:

  • DEF-11772, DEF-13407: Performance improvement. Less server restarts performed on standalone-malware list modification.
  • DEF-13440, DEF-13385: Fixed logs rotation for OSSEC on server with SELinux enabled
  • DEF-13709: Proactive Defense stability improvement
  • DEF-13415, DEF-13421: Malware Scanner performance improved. New messages will be processed asynchronously with MalwareScan handlers. StoreMalwareHits plugin will not cause further scans delay.
  • DEF-13905: The new Proactive Defense rules package got improved protection and fixed rare false positives
  • DEF-14034: Improved error handling in Imunify360 notifications service v1.0.6
  • DEF-13961, DEF-13957, DEF-13973: License expiration issue due to internal timeouts
  • DEF-14005, DEF-13968: Missing notification details on Proactive Defense alerts
  • DEF-13908: Fixed the issue: Zero "total files" are shown on some servers
  • DEF-13922: Extended malware-scanning/started hooks info with CPU, IO, RAM intensity

How to install

To install the new Imunify360 version, please follow the instructions in the documentation.

How to upgrade

To upgrade Imunify360 on CentOS/CloudLinux systems, run the command:

yum update imunify360-firewall

To upgrade Imunify360 on Ubuntu 16.04 and Ubuntu 18.04, run the following command:

apt-get update
apt-get install --only-upgrade imunify360-firewall

Stay in touch

Please, give us feedback on the latest release or share your ideas and feature requests with the product team via feedback@imunify360.com.

If you encounter any problems with the product, please send a request to our Imunify support team via https://cloudlinux.zendesk.com/.
View full post