Imunify360 is available with CyberPanel v2.0.0, but before using it you need to convert your operating system to CloudLinux OS. Use this guide to convert to Cloudlinux and install CageFS.

 Convert CyberPanel to CloudLinux OS and Install CageFS

If you have already installed and configured CloudLinux and updated your CyberPanel to at least version 1.9.5, go to Security->Imunify360

Click on the option and you will see the following screen

Enter your Imunify360 key and click the "Install Now" Button

CyberPanel will start the installation and integration of Imunify360 immediately. CyberPanel uses Imunify360's API to tightly integrate it with CyberPanel.

After being completely installed and integrated into CyberPanel, CyberPanel will show you the following page

Click the access now to activate Imunify and access the integrated panel. You will be presented will a login screen

Use your root credentials to log in, your CyberPanel administration credentials won't work.

On the next screen read the terms and condition and accept them

It will take you to Imunify360 dashboard and ask for your email address in case you want to receive an email notification for any security breach or security issue on you server

Click save or skip depending on your choice and Imunify will be up and running for your server.

You will be presented with the following dashboard which will show you the current security status of your server and the issues if there are any

From the top menu, you can use any option to scan or tweak settings. For example, in order to scan current users or files, click the "Malware Scan" option in the top menu and you will see the following

Here you can scan based on user or files.

Other menu options provide you a way to change firewall settings, setup or change your proactive defense mechanism and modify the parameters for KernelCare.

Using ModSecurity with Imunify360

In order to use Imunfiy360 rules in ModSecurity, go to https://<SERVER>:8090/firewall/modSecurity or Click ModSecurity Conf in the menu

 

Enable SecRuleEngine

 

 

Now you need to add the rules from Imunify to ModSecurity
In order to to do that  go to https://<SERVER>:8090/firewall/modSecRules  or click ModSecurity Rules

Add the following line to the end and click Save Rules!

IncludeOptional /etc/sysconfig/imunify360/generic/modsec.conf

 

Imunify ruleset has been successfully added to ModSecurity

It is recommended that additional rulesets shouldn't be enabled to avoid clashes. In order to disable them, go to https://<SERVER>:8090/firewall/modSecRulesPacks

Turn off all the Rule Packs here

 

In this 10 minutes guide, you have successfully installed and used Imunify360 for your CyberPanel server.

CloudLinux and CageFS integration are available from CyberPanel v1.8.6. However, before using CageFS you need to be on CloudLinux OS. So before moving forward convert your CyberPanel server to CloudLinux and install CageFS.


What is CageFS?

From the official documentation:

CageFS is a virtualized, per-user file system that uniquely encapsulates each customer, preventing users from seeing each other and viewing sensitive information. CageFS prevents a large number of attacks, including most privilege escalation and information disclosure attacks. It is completely transparent to your customers, without any need for them to change their scripts.

So now when you create any website, you can enable CageFS on the website user, that user will then see a virtualized file system.


How to enable/disable CageFS for users?

In order to manage CageFS for individual users, log in to LVE manager by going to <IP_ADDRESS>:9000

Use your root credentials to log in, you CyberPanel administration credentials won't work.

When you are logged in you will see this

 

At the menu on the top, Click on Users where you will see all the list of users on the server

 

From this screen, you can enable or disable CageFS for any user by clicking the pencil icon in the end, the user's resource limits can be increased or decreased easily from same interface.

 

 

Click save after you have changed it to the values you like.

That's how you can easily manage CageFS for all your users.

 

CloudLinux and CageFS is available with CyberPanel v.1.8.6, but before using any of its features, you need to convert your operating system to CloudLinux OS. Use commands below to convert your server to CloudLinux OS.

If you have CloudLinux activation key:

wget https://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy
sh cldeploy -k <activation_key>
reboot

Or if you have IP based license

 

wget https://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy
sh cldeploy -i
reboot

This will successfully convert your OS to CloudLinux.

After installing you can go to https://<YOUR_SERVER>:8090/CloudLinux/listPackages and click on the activate button. This will activate CloudLinux for CyberPanel by processing all the integrations needed.

You can then install and use CloudLinux related features within CyberPanel including CageFS.

When you have converted CyberPanel to Cloudlinux OS and activated it from CyberPanel,  it comes with a new LVE Manager, the user interface for managing Cloudlinux and CageFS is now maintained separately on port 9000.

When you open <IP_ADDRESS>:9000, you will be met with the following screen.

Use your root credentials to log in, your CyberPanel administration credentials won't work.

On the next screen, you will be greeted with the following

 

Use the start wizard to install CageFS, you will see the following

 

Make sure to check the box "Install CageFS" and turn on both options below it to make sure it's activated for all existing and new customers.

Once you click "Start Installation" you will be redirected  and in a minute or so CageFS will be installed you will see the following screen

 

Congratulations you have successfully installed CageFS and configured it for existing and new accounts.

chevron-down