<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

Release Notes: Imunify360 v.5.3

Oct 20, 2020 7:35:05 PM / by Dmitry Tkachuk



We’re pleased to announce that a new version of Imunify360, version 5.3, is now available. The following features are new in the v.5.3 release:

    • Bulk restore from the backup
      Optimized backup restoration procedure speeds up file recovering in bulk, providing unseen performance.
    • cgroups for Malware Scanner
      Extended resource limitation mechanics supports cgroups, providing better control over resources in the Malware Scanner on CentOS 7, 8, and Ubuntu.
    • Proactive Defense rules delivery
      The new way to deliver Proactive Defense rules provides a set of notable improvements.
    • Features enabled in the Settings
      Some features became enabled for new Imunify360 installations by default.
    • New Default Settings
      The new default settings in the Imunify360’s Malware Scanner and WAF allow performing faster and detect more malware.

Let’s review the changes in version 5.3: 

Bulk restore from backup

We’ve greatly reworked Malware Scanner and made it ready for bulk operations. Optimized workflow for batches performs much faster as they can be grouped, and similar operations can be executed only once. That allows Imunify360 v5.3 to restore from the backup up to 100x faster and consume fewer resources for that.

Best seen on big restore-batches, which usually caused by the scanning with the “Try to restore from backup first” feature enabled or by manual “Try to restore clean version from backup” requests on big volumes.

cgroups for Malware Scanner

Imunify360 v5.3 utilizes cgroups for the CPU and IO resource management during on-demand and background scans. It limits filesystem and CPU load according to configured “intensity level”, avoiding spikes and smoothly spreading the load.

That is useful for non-CloudLinux OS systems where LVE is not available. Earlier CentOS 7/8 systems required the CFQ scheduler to be available for the ionice priorities schedule. Now, Imunify360 v5.3 doesn’t depend on CFQ. Further installations on Debian systems will also rely on cgroups support for resource management.

Proactive Defense rules delivery

Imunify360 is now capable of updating Proactive Defense protection rules in real-time. The new delivery system has a set of advantages:

  • Protection rules now can be updated instantly without the Imunify360 complete suite releasing. This improvement significantly reduces the release cycle and makes the delivery process quicker.
  • Quick rules delivery allows extremely fast reaction on zero-day attacks and immediately update server protection as soon as it was developed by the Imunify operation department yet keeping the entire release process safe and reliable.
  • The fail-safe update technique allows applying embedded rules in case of any network failure during the update process.

Stable features

The features previously marked as “experimental” have been tested carefully during several releases, and now they are ready for regular usage:

  • General → Installation → Privilege escalation detection & protection
    The KernelCare extension for Imunify360 allows tracing malicious execution flows to detect privilege escalation attempts.
  • General → WAF settings → Apply CMS-specific WAF Rules
    Optimizes WAF rules on a per-domain basis, considering the web applications installed on the website (WordPress, Joomla, Drupal, etc.).
  • General → PAM → PAM brute-force attack protection
    Advanced SSH/FTP brute-force protection technique based on the combination of PAM module authorization, RBL check, and IP blacklisting.
  • Malware → General → Optimize real-time scan
    Enables the File Change API or fanotify service support for Malware Scanner to reduce the system load while watching for file changes.
  • Malware → General → Binary (ELF) malware detection
    Allows Malware Scanner to trigger on ELF-binaries in user home directories (which is uncommon) and mark them as malicious.

New Default Settings

The new default settings will be applied to all new installations of Imunify360. The following features enabled by default:

  • Optimize real-time scan;
  • Binary (ELF) malware detection;
  • Apply CMS-specific WAF Rules.

Additional information

Imunify360 v5.3 includes 78 tasks and 10 bug fixes.

Internal records

Important tasks and issues linked to support tickets.

Greatly improved detection rate and malicious code deobfuscator.
Fixed the improper redirecting WebShield issue in rare cases.
Fixed empty rbl_whitelist file after ModSecurity vendor update on cPanel.


Improved runtime errors handling in Malware Scanner


Allow outgoing traffic to white-listed IPs.


Improved handling of messages from AI-Bolit.
DEF-13812 Extended commands in ImunifyAV(+). “malware rebuild patterns” - now available.
Improved PAM service reliability. Unified service name and code refactoring.
DEF-13208 Improved AI-Bolit performance by the file filtering mechanics improvement.
DEF-13897 Malware Database Scanner got updated snippets formatting.
DEF-14267 Improved statistics collection for Malware Database Scanner


Fixed issues related to acquiring CSF locks
Fixed "real_ip_header directive is duplicate" issue on Nginx servers

Stay in touch

Please give our product team feedback on this version 5.3 release, or share your ideas and feature requests via feedback@imunify360.com.

If you encounter any problems with this release, please send a comment or request to our Imunify support team via cloudlinux.zendesk.com.

How To Install

To install the new Imunify360 version 5.3, please follow the installation instructions.

How To Upgrade

If you want to upgrade to the new Imunify360 version 5.3 right now, you can use the updated script by running the following commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imunify-force-update.sh
bash imunify-force-update.sh

For the regular and safe update to Imunify360 version 5.3 with a gradual rollout.

CentOS/CloudLinux systems:

yum update imunify360-firewall

Ubuntu 16.04 and 18.04 systems:

apt-get update
apt-get install --only-upgrade imunify360-firewall

Topics: Imunify360, Release

Dmitry Tkachuk

Written by Dmitry Tkachuk

Imunify Security, Product Manager

    Subscribe to Email Updates

    Ready to try Imunify?

    30-DAY TRIAL

    Recent Posts