How to Install/Uninstall ImunifyAv / ImunifyAv+ / Imunify360 in WHM/cPanel Server

How to Install/Uninstall ImunifyAv / ImunifyAv+ / Imunify360 in WHM/cPanel Server

Imunify360 scanner:

Imunify360 is a security solution for Linux web servers based on machine learning technology. It employs a multi-layer strategy to give complete protection against any kind of malicious assaults or unusual activity, including distributed brute force attacks.

Imunify360 provides:

  • An advanced firewall that can defend against brute force attacks, DoS attacks, and port scans. It has cloud heuristics and artificial intelligence to detect new threats and keep all servers using the program safe.
  • An extensive set of "deny" policy rules is compiled by an intrusion detection and protection system (IDPS) to block all known assaults.
  • Malware scanning is the automatic examination of file systems for the insertion of malware and the removal of contaminated files.
  • Rebootless Patch Management Secure The server is kept secure using Kernel powered by KernelCare, which automatically patches kernels without requiring a server reset.
  • Website Reputation Monitoring: determining whether any IP addresses or websites are blacklisted and informing users if they are.
  • Proactive Defense - By automatically and instantly stopping potentially dangerous executions, proactive defense secures PHP-powered websites from zero-day attacks.
  • Imunify360 will automatically restrict access to a user's IP address or add the IP address to the Gray List if the user violates the security policies (e.g., attempts to input the incorrect password).
  • The CAPTCHA will appear if users attempt to access the HTTP/HTTPS port (#80/#443) after that. Imunify360 will take that user off the Gray List if they successfully complete the CAPTCHA. The IP address will be automatically added to the Gray List once more in the event of continued violations.

Requirements:

Supported operating systems

  • CentOS/RHEL 6,7,8
  • CloudLinux OS 6,7,8
  • Ubuntu 16.04 (LTS only), 18.04, and 20.04 (LTS)
  • Debian 9 and 10
  • AlmaLinux 8

Hardware

  • RAM: 1GB
  • HDD: 20GB available disk space
  • CPU: 64bit version on x86_64 processors only

Supported Web-servers

  • Apache
  • LiteSpeed
  • Nginx
Note:

- Install ImunifyAv scanner - Free (without LICENSE KEY)

- Install ImunifyAv+ scanner - Paid (with LICENSE KEY)

- Install Imunify360 scanner - Paid (with LICENSE KEY)

1) Installation ImunifyAV:

  • To install ImunifyAV proceed with the following steps:

Step 1: Log in with root privileges to the server where ImunifyAV should be installed.

Step 2: Go to '/usr/local/src/' directory and run the commands:

# cd /usr/local/src/

# wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh -O imav-deploy.sh

# bash imav-deploy.sh

2) Installation ImunifyAV+:

  • If you already have the ImunifyAV+ license key you can use it during installation:
# wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh -O imav-deploy.sh

# bash imav-deploy.sh --key YOUR_KEY

Note: where YOUR_KEY is your license key. Replace YOUR_KEY with the actual key purchased at https://www.imunify360.com/.

  • If you have an IP-based license for ImunifyAV+, use IPL as the license key:
# wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh -O imav-deploy.sh

# bash imav-deploy.sh --key IPL
  • To Update ImunifyAV:
# yum update imunify-antivirus

3) To Uninstall ImunifyAV:

Step 1: Stop the ImunifyAV application:

# systemctl stop imunify-antivirus

Or

# service imunify-antivirus stop

Step 2: If you’ve removed the 'imav-deploy.sh' installation script, download it again to uninstall the program:

# cd /usr/local/src/

# wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh

# bash imav-deploy.sh --uninstall

4) Install Imunify360 scanner - with LICENSE KEY

Step 1: To install Imunify360, open an SSH connection to your server using your preferred SSH. You will need to have root-level access in order to proceed.

Step 2: To start the installation, run the following script with your activation key:

# wget https://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh

# bash i360deploy.sh --key YOUR_KEY

NOTE: YOUR_KEY for example "ISUSvWoAESnnhHTlhlI"

Step 3: If you have an IP-based license, run the same script with no arguments:

# wget https://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh

# bash i360deploy.sh

Step 4: Registering

  • In the case of registration, the key is passed later, then you can register an activation key via the Imunify360-agent command:
# imunify360-agent register YOUR_KEY

Note: Where YOUR_KEY is your activation key.

  • If you have an IP-based license, you can use the following command:
# imunify360-agent register IPL

Step 5: Enable rules auto-update. Otherwise, you won't get important updates on the ModSecurity ruleset in time

  • For Apache run the following command:
# /usr/local/cpanel/scripts/modsec_vendor enable-updates imunify360-full-apache
  • For LiteSpeed run the following command:
# /usr/local/cpanel/scripts/modsec_vendor enable-updates imunify360-full-litespeed

5) Uninstall Imunify360

Step 1: Log into the server as the 'root' user.
Step 2: Run the following command to download 'i360deply.sh' and uninstall Imunify360.

# wget http://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh

# bash i360deploy.sh --uninstall

Step 3: If CageFS is installed, the following commands must be run after uninstalling Imunify360 to remove files from the user's local directories and remount CageFS. These files are not deleted automatically and can generate errors in the Apache log.

  • Verify that CageFS is installed:
# rpm -q cagefs
  • If CageFS is installed, update CageFS:
# /usr/sbin/cagefsctl  --force-update
  • Remount CageFS:
# /usr/sbin/cagefsctl  --remount-all

Step 4: Disable updates

If you need to disable Imunify360 then you need to disable updates as well by editing the cron file and commenting out the update command.

/etc/cron.daily/imunify360.cron

Conclusion:

Our support team has provided a complete explanation in this post and we have also covered the details of how to display the results of the operation.

Subscribe to The MakInfraTek Blogs

Sign up now to get access to the library of members-only issues.
Jamie Larson
Subscribe