Imunify360 is available with CyberPanel v2.0.0, but before using it you need to convert your operating system to CloudLinux OS. Use this guide to convert to Cloudlinux and install CageFS.
Convert CyberPanel to CloudLinux OS and Install CageFS
If you have already installed and configured CloudLinux and updated your CyberPanel to at least version 1.9.5, go to Security->Imunify360
Click on the option and you will see the following screen
Enter your Imunify360 key and click the "Install Now" Button
CyberPanel will start the installation and integration of Imunify360 immediately. CyberPanel uses Imunify360's API to tightly integrate it with CyberPanel.
After being completely installed and integrated into CyberPanel, CyberPanel will show you the following page
Click the access now to activate Imunify and access the integrated panel. You will be presented will a login screen
Use your root credentials to log in, your CyberPanel administration credentials won't work.
On the next screen read the terms and condition and accept them
It will take you to Imunify360 dashboard and ask for your email address in case you want to receive an email notification for any security breach or security issue on you server
Click save or skip depending on your choice and Imunify will be up and running for your server.
You will be presented with the following dashboard which will show you the current security status of your server and the issues if there are any
From the top menu, you can use any option to scan or tweak settings. For example, in order to scan current users or files, click the "Malware Scan" option in the top menu and you will see the following
Here you can scan based on user or files.
Other menu options provide you a way to change firewall settings, setup or change your proactive defense mechanism and modify the parameters for KernelCare.
In order to use Imunfiy360 rules in ModSecurity, go to https://<SERVER>:8090/firewall/modSecurity or Click ModSecurity Conf in the menu
Enable SecRuleEngine
Now you need to add the rules from Imunify to ModSecurity
In order to to do that go to https://<SERVER>:8090/firewall/modSecRules or click ModSecurity Rules
Add the following line to the end and click Save Rules!
IncludeOptional /etc/sysconfig/imunify360/generic/modsec.conf
Imunify ruleset has been successfully added to ModSecurity
It is recommended that additional rulesets shouldn't be enabled to avoid clashes. In order to disable them, go to https://<SERVER>:8090/firewall/modSecRulesPacks
Turn off all the Rule Packs here
In this 10 minutes guide, you have successfully installed and used Imunify360 for your CyberPanel server.
CloudLinux and CageFS integration are available from CyberPanel v1.8.6. However, before using CageFS you need to be on CloudLinux OS. So before moving forward convert your CyberPanel server to CloudLinux and install CageFS.
From the official documentation:
CageFS is a virtualized, per-user file system that uniquely encapsulates each customer, preventing users from seeing each other and viewing sensitive information. CageFS prevents a large number of attacks, including most privilege escalation and information disclosure attacks. It is completely transparent to your customers, without any need for them to change their scripts.
So now when you create any website, you can enable CageFS on the website user, that user will then see a virtualized file system.
In order to manage CageFS for individual users, log in to LVE manager by going to <IP_ADDRESS>:9000
Use your root credentials to log in, you CyberPanel administration credentials won't work.
When you are logged in you will see this
At the menu on the top, Click on Users where you will see all the list of users on the server
From this screen, you can enable or disable CageFS for any user by clicking the pencil icon in the end, the user's resource limits can be increased or decreased easily from same interface.
Click save after you have changed it to the values you like.
That's how you can easily manage CageFS for all your users.
CloudLinux and CageFS is available with CyberPanel v.1.8.6, but before using any of its features, you need to convert your operating system to CloudLinux OS. Use commands below to convert your server to CloudLinux OS.
If you have CloudLinux activation key:
wget https://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy sh cldeploy -k <activation_key> reboot
Or if you have IP based license
wget https://repo.cloudlinux.com/cloudlinux/sources/cln/cldeploy sh cldeploy -i reboot
This will successfully convert your OS to CloudLinux.
After installing you can go to https://<YOUR_SERVER>:8090/CloudLinux/listPackages and click on the activate button. This will activate CloudLinux for CyberPanel by processing all the integrations needed.
You can then install and use CloudLinux related features within CyberPanel including CageFS.
When you have converted CyberPanel to Cloudlinux OS and activated it from CyberPanel, it comes with a new LVE Manager, the user interface for managing Cloudlinux and CageFS is now maintained separately on port 9000.
When you open <IP_ADDRESS>:9000, you will be met with the following screen.
Use your root credentials to log in, your CyberPanel administration credentials won't work.
On the next screen, you will be greeted with the following
Use the start wizard to install CageFS, you will see the following
Make sure to check the box "Install CageFS" and turn on both options below it to make sure it's activated for all existing and new customers.
Once you click "Start Installation" you will be redirected and in a minute or so CageFS will be installed you will see the following screen
Congratulations you have successfully installed CageFS and configured it for existing and new accounts.