<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

Release Notes: Imunify360 v.5.4.2

Nov 12, 2020 7:50:17 PM / by Dmitry Tkachuk

 

IM-major-release

We’re pleased to announce that a new version of Imunify360, version 5.4.2, is now available. The following features are new in the v.5.4.2 release:

  • Nginx support for “no panel” installations
Imunify360 now supports Nginx + ModSecurity v3 setup on a server without a panel.
  • Gradual removal of "Delete" and "Quarantine" actions
Version 4.5 introduces the first step of “Delete” and “Quarantine” default action removal in the Malware Scanner UI. All stages were announced and explained in our blog earlier.
  • Malware Database Scanner (MDS) improvements
Earlier this year, we announced the CLI tool to find malicious injections in the database and clean-up them automatically. We continue improving the scanning engine. Another update allows the admin to detect and clean-up injections with various malicious and blacklisted URLs, which are stored in a separate URL database and regularly updated along with Malware Scanner databases. 

Nginx support for “no panel” installations

If you are managing a server powered by Nginx with a custom panel installed or without a panel, it’s the best time to install Imunify360 on it and protect your server proactively from all known threats, including all sorts of L7 attacks, malware, and web spam. 

Imunify360 could be easily configured with a few steps on a “panel-less” setup, so you will start to benefit from the security suite almost instantly.

Detailed documentation on how to configure Imunify360 with Nginx and ModSecurity v3 is available here.

Im360V5.4-1

Gradual removal of "Delete" and "Quarantine" Default Actions

During the last few years, Imunify products utilized several ways of handling malicious files in the Malware Scanner, giving users an option to choose a way that fits them best (Delete permanently, Quarantine file, Cleanup, or Just display in the dashboard). It’s been a while since we introduced the options, and some of them are obsolete and outdated (basically, they can cause issues). It was explained in detail in our blog post some time ago.

Im360V5.4-2

Ultimately, the Cleanup option includes everything needed to make the malware removal process safe and effective, and the websites remain operational afterward, unlike the quarantining and entire deletion of malicious files. None of the obsolete actions (Delete, Quarantine) can deal with injections, which are roughly half of all malicious entries found on infected websites, but the clean-up can.

Version 4.5 introduces the first step of “Delete” and “Quarantine” Default Action removal in the Malware Scanner UI. The options will still be available via the configuration file and the CLI, but they will be removed from the Settings’ drop-down list. If you have it selected, we recommend changing the Default Action to “Cleanup” (otherwise, it will not be changed upon the Imunify360 upgrade automatically; thus, you will continue using some of the obsolete Default Actions). There will be no issue with that, but we will remove them completely in v5.8 (in 3-4 months). All new installations will have “Cleanup” as Default Action.

Restore from the Quarantine is available until the “Quarantine” Default Action is completely removed from the product. You could still manage files in quarantine if they have been quarantined earlier.

Malware Database Scanner (MDS) improvements for WordPress

We continue improving the database scanning engine. Another update allows admin to detect and clean-up injections with various malicious and blacklisted URLs in the WordPress database. Imunify will automatically update the URL blacklists and detect all known malicious injections of <IFRAME> and <SCRIPT> that can harm your website’s reputation. 

Check our instructions on how to run the Malware Database Scanner from the command-line. 

If you have not yet got a chance to test our CLI version of Malware Database Scanner, check it out now and let us know how we could improve it. Please, read a comprehensive guide on the tool in our blog first.


Additional information

Imunify360 v5.4.2 includes 106 tasks and 37 bug fixes.

Internal records

Important tasks and issues linked to support tickets.

DEF-13869
DEF-13901
DEF-13946
DEF-13998
DEF-14006
DEF-14084
DEF-14127
DEF-14157
DEF-14178
DEF-14197
DEF-14198
DEF-14227
DEF-14244
DEF-14258
DEF-14268
DEF-14294
DEF-14321
DEF-14337
DEF-14350
DEF-14371
DEF-14378
DEF-14409

Significantly improved detection rate and malicious code deobfuscator.
DEF-14123 Enhancement in Proactive Defense allows to track move_uploaded_files function
DEF-11118 Support of serialized data in the Malware Database Scanner
DEF-14196 ‘wp_options’ table processing in the Malware Database Scanner
DEF-13641 Fixed bug with not converted filenames from CSV and JSON reports

DEF-14226
DEF-14353
DEF-14525
DEF-14569

Fixed multiple PAM issues due to missing check of  "dovecot_imunify_domainowner"
DEF-14370 DEF-14352

Fixed SELinux policies for OSSEC:

  • Imunify360 policy needs to be applied manually to fix logrotate issues
  • No manual actions required to fix failed OSSEC service
DEF-14624

Fixed “500 Internal Server Error” for IPv6 addresses connecting to WebShield

DEF-12767

Fixed migration issue

DEF-14346 DEF-12907

Proactive Defense: Enhanced ionCube loader support

DEF-14672

Use tmpreaper to cleanup temporary ModSecurity files

DEF-14652

Added support of Cloudflare’s’ APO (Automatic Platform Optimization) for WordPress

 

Stay in touch

Please give our product team feedback on this version 5.4.2 release, or share your ideas and feature requests via feedback@imunify360.com.

If you encounter any problems with this release, please send a comment or request to our Imunify support team via cloudlinux.zendesk.com.

How To Install

To install the new Imunify360 version 5.4.2, please follow the installation instructions.

How To Upgrade

If you want to upgrade to the new Imunify360 version 5.4.2 right now, you can use the updated script by running the following commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imunify-force-update.sh
bash imunify-force-update.sh

For the regular and safe update to Imunify360 version 5.4.2 with a gradual rollout.

CentOS/CloudLinux systems:

yum update imunify360-firewall

Ubuntu 16.04 and 18.04 systems:

apt-get update
apt-get install --only-upgrade imunify360-firewall

Topics: Imunify360, Release

Dmitry Tkachuk

Written by Dmitry Tkachuk

Imunify Security, Product Manager

    Subscribe to Email Updates

    Ready to try Imunify?

    30-DAY TRIAL

    Recent Posts