Important Vulnerability on Advanced Custom Fields Plugin for WordPress

 

Some Imunify360 customers don’t use the Auto Cleanup option because they’re afraid that it will break client web sites. They’re afraid that if a WordPress index.php file gets infected, for instance, the file will be blocked by Malware Scanner for Linux servers, and the web site will go down.

These fears are unfounded. Malware Scanner removes malicious code that’s been injected into a file, while leaving the rest of the file intact. It also removes malicious files that have been included into other files. Enabling Auto Cleanup is completely safe and effective.

 

In version 4.5, Imunify360 introduced a new way to prevent brute-force attacks against mail accounts: a PAM module extension that integrates with cPanel to block attacks that target the Exim and Dovecot bundle.

Let’s explore the problems that this new PAM module extension solves, examine how it works, and learn how to use it.

 

 

 

When the Imunify360 Malware Scanner for Linux servers component identifies an injected code snippet as malicious, how can you tell it’s malicious? How can you avoid reporting this malicious code as a false-positive? The Imunify product team can show you how.

Previously, Imunify360 had to be installed through a particular control panel, such as cPanel (read more about cPanel security), DirectAdmin, or Plesk (read more about Plesk security). Now, with version 4.5, it can be installed directly on the server, independent of any panel, regardless of the administrative interface.

 

This new version of Imunify360 can be run on any CentOS 6/7, Ubuntu 16/18, RHEL 6/7, or Cloudlinux 6/7 server with Apache web server. It provides complete six-layer security for Linux VPS, dedicated, and shared servers--without requiring any web control panel.