Imunify360 Blog - Imunify360 3.9.5 is here
Imunify360 and Imunify Sensor Blog

Imunify360 3.9.5 is here

imunify_update

We are pleased to announce that a new, updated Imunify360 version 3.9.5 is now available. This latest version embodies further improvements of the product as well as fixes.

If you encounter any problems with the product, or have any questions, comments, or suggestions, please contact our support team at cloudlinux.zendesk.com: the Imunify360 department. We’d be more than happy to help.

The major improvements and fixes are listed as follows. Please find the full changelog below.

Improvements

  • Malware Scanner: added new option “Follow symlinks” for On-Demand scanning. It’s disabled by default.

     

    MalwareScanner

     

  • Malware Scanner: reworked quarantine - new quarantine folder and how it behaves by default.
  • Malware Scanner: added new setting for ClamAV

     

    MalwareScanner

     

  • Malware Scanner: a human-readable signature identifier next to the file instead of php_mlw.xxxxxxx.
  • WebShield: Imunify360 properly handles traffic coming from CloudFlare/MaxCDN. The settings option is enabled for all new installs of Imunify360.

     

    WebShield

     

  • WebShield: custom certificate support, default SNI certificate support.
  • DoS plugin: reduced the number of “false-positives”. The lower threshold (minimal value) is set to 150. New parameter added to specify connection limits per port (port_limits).
  • Proactive Defense: added PHP 7.3 support, native PHP version support (including Plesk and DirectAdmin panels).
  • Ubuntu 18.04 is now supported (for Plesk and DirectAdmin panels).
  • Improved UI performance and responsiveness in Plesk.
  • Added a CLI diagnostic tool for administrators to check ModSecurity settings for cPanel setup (check modsec/fix modsec commands added).
  • New documentation look’n’feel at https://docs.imunify360.com/.

Bug Fixes

  • The agent is launched correctly even when the OSSEC configuration is broken.
  • Some other changes that improve overall stability and performance.
  • Malware Scanner: database & log files, user mailboxes, and other system files are no longer being quarantined.
  • Malware Scanner: fixed scanning report in the UI when infection was detected by ClamAV but should not be displayed to a user.
  • Malware Scanner: fixed bug with incorrectly updating malware database for a cleanup.
  • UI: The URL of the new CLN page is updated in the Imunify360 UI.
  • Configs: fixed bug with duplicated “X-Real-IP” field in HTTP header.
  • Proactive Defense: end of EasyApache 3 support.
  • Fixed Imunify360 migration process when Imunify360 config is broken or user doesn’t exist anymore.
  • Fixed the cleanup process for quarantined files. Now, if a file fails to clean up for some reason it is returned to the quarantine.
  • Fixed a bug regarding malicious files detection after being replaced with another file.
  • Fixed a security issue regarding files quarantine.
  • Fixed package dependencies for alt-python35.
  • WebShield with CDN support is disabled by default.
  • We have fixed a couple of major issues in Malware Scanner so mailbox files and logs are whitelisted properly and won’t be added to quarantine because of a false-positive detection in some cases.
  • We have fixed an issue with Imunify360 service hanging when pipe is created in some folders (e.g. /var/tmp).

How to upgrade

To upgrade Imunify360 on CentOS/CloudLinux systems, run the command:

yum update imunify360-firewall

To upgrade Imunify360 on Ubuntu 16.04 and 18.04 systems, run the command:

apt-get update
apt-get install --only-upgrade imunify360-firewall

How to install

To install the new Imunify360 version 3.9.5, please follow the instructions in the documentation.

+ Changelog

Tasks

  • DEF-6405: CheckRunError: Command systemctl restart pure-ftpd returned non-zero code 5.
  • DEF-6423: TypeError: join() argument must be str or bytes, not 'int'.
  • DEF-6532: Agent doesn't reconnect after imunify360.cloudlinu8x.com certificate is temporarily becomes invalid.
  • DEF-6542: Agents on some servers don't parse OSSEC events properly.
  • DEF-6673: TypeError: unsupported operand type(s) for +: 'IPv6Address' and 'str'.
  • DEF-6736: Fix CageFS error for imunifyAV.
  • DEF-6800: Stop spamming Imunify360 log with ImunifyAV custom billing messages.
  • DEF-6806: Switching known_proxies_support works incorrectly with firewalld.
  • DEF-6813: Replace avOnly with more suitable actions.
  • DEF-6846: Inotify traceback in console.log: UnicodeDecodeError.
  • DEF-6935: FileNotFoundError: [Errno 2] No such file or directory: '/opt/alt/php71/usr/bin/php'.
  • DEF-6996: Fix issue with IP input in Safari.
  • DEF-7003: ValueError: 'ALL\n103.21.244.0/22T\n103.22.200.0/22T\n103.31.4.0/22T\n104.16.0.0/12T\n108.162.192.0/18T\n131....
  • DEF-7044: IndexError: list index out of range.
  • DEF-7078: Existing country blacklist chain prevents rules creation on agent startup.
  • DEF-7108: Migration 113_move_quarantined_files.py not working.
  • DEF-6603: fixed a bug when Imunify360 sometimes breaks Nginx configuration.
  • DEF-7042: Hash in the DB does not match real file hash.
  • DEF-7295: 114 migration fails if user config is not valid or user doesn't exist anymore.
  • DEF-7317: raise Node.js version in rpm/deb specs (build dependencies).
  • DEF-6684: add Imunify360-related directories to static Ignore List for Malware scan.
  • DEF-7348: clean up websites using external databases procu2.db.
  • DEF-6544: create and discuss tasks for level A WCAG requirements.
  • DEF-7208: update default CLN page URL in Imunify360 UI.
  • DEF-7037: disable Proactive Defence support for EasyApache 3.
  • DEF-6863: Make Webshield use first SSL certificate when no SNI.
  • DEF-5295: Blocked ports should be managable in CSF cooperation mode.
  • DEF-5974: Ubuntu 18.04 support.
  • DEF-6046: DoS Protection improvement: Reduce false positive from cl_dos plugin.
  • DEF-6199: Do not process events from Blamer (Proactive Defense).
  • DEF-6248: Getting a list of users works extremely slow on Plesk.
  • DEF-6290: Unify headers.
  • DEF-6388: Configuration check for mod_sec priority 1 - cPanel.
  • DEF-6397: UI changes due to DOS config field changes.
  • DEF-6404: Install mod_security automatically for new customers.
  • DEF-6476: Ubuntu 18.04 support - UI.
  • DEF-6488: Parse and display string signature ID in Malware Scanner (ImunifyAV/Imunify360).
  • DEF-6565: Change the way we resolve symlinks in Malware Scanner.
  • DEF-6684: Add Imunify360-related directories to static ignore list for Malware Scanner.
  • DEF-6702: Fix sortable directive.
  • DEF-6804: Add checkbox in settings in UI for Cloudflare.
  • DEF-6810: Validate license by 'signatures' field instead of 'sign'.
  • DEF-6837: Attach Imunify360 config to SERVER_CONFIG message.
  • DEF-6838: known_proxies_support should be enabled by default for new installations.
  • DEF-6845: Allow agent startup even if OSSEC is not working.
  • DEF-6860: Add checkbox in settings to switch known CDNs support.
  • DEF-6880: Add module php_i360 for PHP 7.3.
  • DEF-6881: Reworking quarantine function for Imunify360.
  • DEF-6889: [Imunify360] Add settings option to enable/disable ClamScan as it's been done for ImunifyAV.
  • DEF-6893: Disable TLSv1 in WebShield.
  • DEF-6922: Add "Ignore symlinks" checkbox in On-Demand scan advanced options and in Malware settings.
  • DEF-6926: Disable auto-quarantine files for Imunify360 by default - UI.
  • DEF-6928: Disable ClamAV & Heuristics auto-quarantine files for Imunify360 by default.
  • DEF-6937: Disable heuristic scans.
  • DEF-6962: [Imunify360] Add settings option to enable/disable ClamScan as it's been done for ImunifyAV - UI.
  • DEF-7030: Bump Proactive Defense version to 3.9.0-1.5.
  • DEF-7031: Switch to WAL journal mode for the Imunify360 sqlite database.
  • DEF-7176: Ignore files from quarantine directory during scan.
  • DEF-7207: Release current improvements with Imunify360 3.9 Beta.
  • DEF-7262: Check/fix package dependencies for ImunifyAV.
  • DEF-7299: Symlink attack vulnerability with Quarantine function.
  • DEF-7429: Files ignored on reinfection.
  • DEF-7464: Files are restored from quarantine if clean up fails.
  • DEF-7584: Make WebShield for CDN (Cloudflare) disabled for new installations.
  • DEF-7072: scan locking and breaking email boxes.
  • DEF-7162: lots of false positives for user logs and mail files.
  • DEF-7380: Imunify360 service hangs.
Beta: EasyApache 4 updated
Beta: Alt-PHP updated
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 12 November 2019

Captcha Image