<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

Release Notes: Imunify360 v6.11 beta

IM360-beta-release

We’re pleased to announce a new beta version of Imunify360. Version 6.11 is now available. The following features are new in the v6.11 beta release:

  • Debian 11 support
    We are proud to announce support for the latest release of the Debian distribution.

  • Real-time Crontab malware cleanup and UI
    We are making the mechanism to fight the Crontab infection better and more convenient in this release by adding UI control and real-time scanner integration.

  • Dovecot native brute force protection enabled by default
    In the Imunify360 product version 6.7, we introduced a brute force protection module for Dovecot that replaces the Pluggable Authentication Module (PAM). The module proved to be reliable and will be switched on by default from now on.

  • Notification of important security events in WHM Contact Manager
    We are introducing a new type of security notification whenever a cPanel account compromise is detected.

Debian 11 support

Imunify360 will now start to support Debian 11 “bullseye” operation system with this release. Web hosting panels support is provided for Plesk, DirectAdmin, and stand-alone type of installation.

Imunify will stop supporting end-of-life Debian 9 starting from v6.12, which is planned to be released in March 2023. We recommend all Debian users upgrade to the latest LTS version as soon as possible to keep the ability to use the most recent versions of Imunify. Updated software is a crucial part of your servers’ security.

List of supported Debian versions:


Real-time crontab malware cleanup and UI

In the previous 6.10 version of Imunify360, we introduced a mechanism allowing us to address Crontab infections with our powerful Malware scanner. We are expanding this mechanism with the current release by linking it with the real-time scanner. This improvement will catch any event of Crontab file modification on the fly in seconds and keep them malware-free in real-time.

Also, we are adding an option to control the feature from the UI. The feature can be managed in the Settings on the Malware tab.

This option enables or disables the scan of the system and user Crontab files for malicious jobs. It can be managed via CLI as well:

To switch it on:

# imunify360-agent config update '{"MALWARE_SCANNING": {"crontabs": true}}'

And to switch it off:

# imunify360-agent config update '{"MALWARE_SCANNING": {"crontabs": false}}'

The cleanup results are available on the Malware and History tabs of the Imunify360 interface as for any other type of malware.

We are going to publish more information about cron files protection in a separate blog post because it is so important to keep cron files protected. Keep watching for updates.

Dovecot native brute force protection enabled by default

Since its release in Imunify360 product version 6.7, the native module for Dovecot with brute force protection functionality proved to be highly reliable. With this release, we decided to switch it on by default for new Imunify360 instances to provide better protection and reliability quality. The option can be tweaked through CLI with the following commands:

Enable:

# imunify360-agent config update '{"PAM": {"exim_dovecot_native": true}}'

Also, make sure that Dovecot protection is enabled:

# imunify360-agent config update '{"PAM": {"exim_dovecot_protection": true}}'

In one of the following versions pluggable authentication module will be instantly replaced by the native module for Dovecot for all servers.

Notification of important security events in WHM Contact Manager 

The Imunify team found that server administrators miss some important security events. That’s why we decided to notify them about the events, such as signs that a cPanel account has been compromised and the account staying under the control of a hacker. When Imunify360 detects suspicious activity, it will send an email with a warning, listing the hostname and the username that has been compromised and suggestions on how to keep accounts secure.

The address and delivery method for such notifications can be configured in WHM's Contact Manager. We prepared a description for your reference on how to manage these security notifications for convenience.

Changelog

Please see the detailed description of the product changes we made in version 6.11 through our publicly available changelog for Imunify360.

Stay in touch

Please give our product team feedback on this version 6.11 release. Share your ideas and feature requests through feedback@imunify360.com or via our feedback form.

If you encounter any problems with this beta release, please send a comment or request to our Imunify support team via the Support Portal.

How to install

To install the new Imunify360 v.6.11 beta, please follow the instructions in the documentation.

How to upgrade

To upgrade Imunify360 on CentOS/CloudLinux/AlmaLinux systems, run the command:

yum update imunify360-firewall --enablerepo=imunify360-testing

To upgrade Imunify360 on Ubuntu 16.04, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/16.04/ xenial main' > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Ubuntu 18.04, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/18.04/ bionic main' > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Ubuntu 20.04, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/20.04/ focal main' > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Debian 9, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/debian-testing/9/ stretch main'  > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Debian 10, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/debian-testing/10/ buster main'  > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

Release Notes: Imunify360 v6.11 beta

IM360-beta-release

We’re pleased to announce a new beta version of Imunify360. Version 6.11 is now available. The following features are new in the v6.11 beta release:

  • Debian 11 support
    We are proud to announce support for the latest release of the Debian distribution.

  • Real-time Crontab malware cleanup and UI
    We are making the mechanism to fight the Crontab infection better and more convenient in this release by adding UI control and real-time scanner integration.

  • Dovecot native brute force protection enabled by default
    In the Imunify360 product version 6.7, we introduced a brute force protection module for Dovecot that replaces the Pluggable Authentication Module (PAM). The module proved to be reliable and will be switched on by default from now on.

  • Notification of important security events in WHM Contact Manager
    We are introducing a new type of security notification whenever a cPanel account compromise is detected.

Debian 11 support

Imunify360 will now start to support Debian 11 “bullseye” operation system with this release. Web hosting panels support is provided for Plesk, DirectAdmin, and stand-alone type of installation.

Imunify will stop supporting end-of-life Debian 9 starting from v6.12, which is planned to be released in March 2023. We recommend all Debian users upgrade to the latest LTS version as soon as possible to keep the ability to use the most recent versions of Imunify. Updated software is a crucial part of your servers’ security.

List of supported Debian versions:


Real-time crontab malware cleanup and UI

In the previous 6.10 version of Imunify360, we introduced a mechanism allowing us to address Crontab infections with our powerful Malware scanner. We are expanding this mechanism with the current release by linking it with the real-time scanner. This improvement will catch any event of Crontab file modification on the fly in seconds and keep them malware-free in real-time.

Also, we are adding an option to control the feature from the UI. The feature can be managed in the Settings on the Malware tab.

This option enables or disables the scan of the system and user Crontab files for malicious jobs. It can be managed via CLI as well:

To switch it on:

# imunify360-agent config update '{"MALWARE_SCANNING": {"crontabs": true}}'

And to switch it off:

# imunify360-agent config update '{"MALWARE_SCANNING": {"crontabs": false}}'

The cleanup results are available on the Malware and History tabs of the Imunify360 interface as for any other type of malware.

We are going to publish more information about cron files protection in a separate blog post because it is so important to keep cron files protected. Keep watching for updates.

Dovecot native brute force protection enabled by default

Since its release in Imunify360 product version 6.7, the native module for Dovecot with brute force protection functionality proved to be highly reliable. With this release, we decided to switch it on by default for new Imunify360 instances to provide better protection and reliability quality. The option can be tweaked through CLI with the following commands:

Enable:

# imunify360-agent config update '{"PAM": {"exim_dovecot_native": true}}'

Also, make sure that Dovecot protection is enabled:

# imunify360-agent config update '{"PAM": {"exim_dovecot_protection": true}}'

In one of the following versions pluggable authentication module will be instantly replaced by the native module for Dovecot for all servers.

Notification of important security events in WHM Contact Manager 

The Imunify team found that server administrators miss some important security events. That’s why we decided to notify them about the events, such as signs that a cPanel account has been compromised and the account staying under the control of a hacker. When Imunify360 detects suspicious activity, it will send an email with a warning, listing the hostname and the username that has been compromised and suggestions on how to keep accounts secure.

The address and delivery method for such notifications can be configured in WHM's Contact Manager. We prepared a description for your reference on how to manage these security notifications for convenience.

Changelog

Please see the detailed description of the product changes we made in version 6.11 through our publicly available changelog for Imunify360.

Stay in touch

Please give our product team feedback on this version 6.11 release. Share your ideas and feature requests through feedback@imunify360.com or via our feedback form.

If you encounter any problems with this beta release, please send a comment or request to our Imunify support team via the Support Portal.

How to install

To install the new Imunify360 v.6.11 beta, please follow the instructions in the documentation.

How to upgrade

To upgrade Imunify360 on CentOS/CloudLinux/AlmaLinux systems, run the command:

yum update imunify360-firewall --enablerepo=imunify360-testing

To upgrade Imunify360 on Ubuntu 16.04, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/16.04/ xenial main' > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Ubuntu 18.04, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/18.04/ bionic main' > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Ubuntu 20.04, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/20.04/ focal main' > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Debian 9, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/debian-testing/9/ stretch main'  > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall

To upgrade Imunify360 on Debian 10, run the following command:

echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/debian-testing/10/ buster main'  > /etc/apt/sources.list.d/imunify360-testing.list
apt-get update
apt-get install --only-upgrade imunify360-firewall
Subscribe to Imunify security Newsletter