We’re pleased to announce that a new version of Imunify360, version 5.6, is now available. The following features are new in the v5.6 release:
This is what we’ve updated in version 5.6:
Unwanted traffic produced by various bad bots causes excessive CPU load and consumes extra memory. It makes real visitors wait until the server processes the bot's requests.
Starting from version 5.6, Imunify360 distinguishes bots from real visitors using the JavaScript challenge "Splash Screen." Most bots don’t solve the challenge, and their requests will not reach web applications such as WordPress, Drupal, and others. This saves the server’s resources and protects websites from scanners, automated attacks, and web-spammers.
It is worth mentioning that only bad actors will be redirected to the Imunify360 Splash Screen challenge page. Legitimate visitors get original content without any verification page nor any delay. The users forced to the Splash Screen will not see the challenge or CAPTCHA and be redirected to the page with the original content. Cookies and JavaScript support are required in a browser to successfully pass the challenge of Anti-bot protection.
Imunify360 is capable of distinguishing legitimate bots (e.g., Google crawler) and will not block them. Therefore, the “Anti-bot protection” feature will not cause indexing issues.
This is an experimental feature. As always, it will be released in the disabled state.
We’re planning to improve the feature further and add some additional configuration options, including URL exclusion. That would allow whitelisting particular resources where the bot activity is permitted. This feature is scheduled for the next releases.
To enable Anti-bot protection, go to the General tab in the Settings and check the Anti-bot protection checkbox.
You can also enable Anti-bot protection with this CLI command:
# imunify360-agent config update '{"WEBSHIELD": {"splash_screen": true}}'
Starting from version 5.6, Imunify360 supports the current version of the Ubuntu operating system. It can be installed in the following environments in just a few clicks:
Ubuntu 20 |
|
Plesk |
|
DirectAdmin |
|
Stand-alone installation |
|
The Imunify360 installation process remains the same.
In the previous versions of Imunify360 working with Acronis Backups, users periodically faced a “401 client error” issue once the token expired. We’ve improved the way how Imunify360 works with Acronis. Now it automatically requests new tokens every time the old one is expired. The Imunfy users don’t need to perform any extra actions manually. All actions to refresh a token are performed transparently in the background.
During the last few years, Imunify products utilized several ways of handling malicious files in the Malware Scanner. This gave users an option to choose the method that fits best (Delete permanently, Quarantine file, Cleanup, or Just display in the Dashboard). It’s been a while since we introduced the options. Some of them have become obsolete and outdated (basically, they can cause issues). It was explained in detail in our blog post some time ago.
In fact, the Cleanup option already includes everything needed to make the malware removal process safe and effective. Afterward, websites remain operational, unlike quarantining and deletion of entire partially infected but otherwise legit files. None of the obsolete actions (Delete and Quarantine) can deal with injections, roughly half of all malicious entries found on infected websites, but the Clean-up can.
Version 5.6 introduces the second stage of “Delete” and “Quarantine” Default Action removal. It will switch Delete and Quarantine options to Cleanup forcibly. Note that there is no option to switch back to the obsolete actions.
Note, restoration from the Quarantine is available until the “Quarantine” Default Action is completely removed from the product (v5.8, April 2021). You can still manage files in the quarantine if they were quarantined earlier.
Since the PAM feature release, we have received a few reports regarding the server’s excessive network usage caused by the PAM. The source of the issue is DNS queries to Imunify RBL-server-initiated upon every request that PAM handles.
We’ve addressed the issue and changed the workflow. In Imunify360 v5.6, all RBL responses are being cached locally minimizing the network traffic and allowing PAM to process requests much faster. Cache timeout may vary depending on the query types and results from 1 minute up to 1 hour. The fix is enabled from the beginning and does not require any manual setup steps.
Imunify360 v5.6 includes 163 tasks and 38 bug fixes.
Other tasks |
|
DEF-14341 |
Malware ignore patterns moved to /etc/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-admin-paths.txt |
DEF-15189 |
Fix for wrong OSSEC/PAM rules inclusion in rare cases |
DEF-14766 DEF-15119 DEF-15152 DEF-15209 DEF-15260 DEF-15273 DEF-15311 DEF-15327 DEF-15338 DEF-15403 DEF-15422 DEF-15435 DEF-15469 DEF-15589 DEF-15609 |
Deobfuscator enhancement |
DEF-14574 |
Improved cleanup resolves the cleanup failure for files from different scans |
DEF-14910 |
Cron task generation for AppVersionDetector for non-Apache based servers |
DEF-15202 |
Fix for issue with messages processing in the Agent by adding a timeout message processing timeout |
DEF-15212 |
Fix for blank page in the UI |
DEF-15239 |
Enhanced PAM module reporting |
DEF-15320 |
Change default systemd watchdog timeout to 60 sec |
DEF-15423 DEF-15426 DEF-15433 |
Removed leftover cron jobs on uninstall |
DEF-15704 |
Fixed excessive warning message “YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated” |
DEF-15857 |
Do not use "-waf-rule-engine on" when updating ModSecurity ruleset on Plesk |
Please give our product team feedback on this version 5.6 release, or share your ideas and feature requests via feedback@imunify360.com.
If you encounter any problems with this release, please send a comment or request to our Imunify support team via cloudlinux.zendesk.com.
To install the new Imunify360 v.5.6, please follow the instructions in the documentation.
If you want to upgrade to the new Imunify360 version 5.6 right now, you can use the updated script by running the following commands:
wget https://repo.imunify360.cloudlinux.com/defence360/imunify-force-update.sh -O imunify-force-update.sh
bash imunify-force-update.sh
For the regular and safe update to Imunify360 version 5.6 with a gradual rollout.
CentOS/CloudLinux systems:
yum update imunify360-firewall
Ubuntu 16.04, 18.04, and 20.04 systems:
apt-get update
apt-get install --only-upgrade imunify360-firewall
Debian 9 and 10 systems:
apt-get update
apt-get install --only-upgrade imunify360-firewall