[VPS Addons] ConfigServer eXploit Scanner

This article is part of a series covering licensed software that can or will be included on a Self Managed or Fully Managed VPS plan.

Other articles on this subject are:

• Managed SonicWALL Hardware Firewall
• Litespeed Web Server
• cPanel and WHM
• CloudLinux
• KernelCare
• SpamExperts Outbound Filtering
• Softaculous Applications Installer
• R1Soft Incremental Server Backups

—

What is CXS (ConfigServer eXploit Scanner)?

ConfigServer eXploit Scanner (CXS) is a tool from us that performs active scanning of files as they are uploaded to the server.

Features:

• Actively scans all modified files within user accounts using the cxs Watch daemon regardless of how they were uploaded
• PHP upload scripts (via ModSecurity)
• Perl upload scripts (via ModSecurity)
• CGI upload scripts (via ModSecurity)
• Any other web script type that utilises the HTML multipart/form-data (via ModSecurity)
• Pure-ftpd uploads

The active scanning of files can help prevent exploitation of an account by malware by deleting or moving suspicious files to quarantine before they become active. It can also prevent the uploading of PHP and perl shell scripts, commonly used to launch more malicious attacks and for sending spam.

CXS also allows you to perform on-demand scanning of files, directories and user accounts for suspected exploits, viruses and suspicious resources (files, directories, symlinks, sockets). You can run scans of existing user data to see if exploits have been uploaded in the past or via methods not covered by the active scanning. It has been tuned for performance and scalability.

Requirement: 

• cPanel/WHM

Any other queries or clarification you’d like on a specific function?

Pop an eTicket through to our sales team who can assist on your queries. We’re here 24 x 7 and can handle any pre-sale questions you may have.