### Show Help for 'start' Command Source: https://docs.imunify360.com/imunifyav/cli This example demonstrates how to display the help message specifically for the 'start' command within the ImunifyAV CLI. ```bash imunify-antivirus start [-h] ``` -------------------------------- ### Agent Started Event Parameters Source: https://docs.imunify360.com/features Example of parameters passed when the Imunify agent starts or restarts. ```json {"version": "4.6.2-2"} ``` -------------------------------- ### View Installation Script Options Source: https://docs.imunify360.com/installation To see all available options for the installation script, use the -h flag. ```bash bash i360deploy.sh -h ``` -------------------------------- ### Install ImunifyAV Source: https://docs.imunify360.com/imunifyav Download and execute the ImunifyAV deployment script to install the software. ```bash wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh -O imav-deploy.sh bash imav-deploy.sh ``` -------------------------------- ### Display ImunifyAV Installation Script Help Source: https://docs.imunify360.com/imunifyav View available options and usage instructions for the ImunifyAV installation script. ```bash bash imav-deploy.sh -h ``` -------------------------------- ### Install ImunifyAV with License Key Source: https://docs.imunify360.com/imunifyav Install ImunifyAV and register it with your license key using the --key argument. ```bash wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh -O imav-deploy.sh bash imav-deploy.sh --key YOUR_KEY ``` -------------------------------- ### Install ImunifyAV Beta Version Source: https://docs.imunify360.com/imunifyav Install the beta version of ImunifyAV by adding the --beta argument to the deployment script. ```bash bash imav-deploy.sh --beta ``` -------------------------------- ### Install Imunify360 Beta Version Source: https://docs.imunify360.com/installation To install the beta version, add the --beta argument to the deployment script. Ensure you replace YOUR_KEY with your license key. ```bash bash i360deploy.sh --key YOUR_KEY --beta ``` -------------------------------- ### ImunifyAV Agent Active Status Example Source: https://docs.imunify360.com/imunifyav/faq_and_known_issues Example output showing the ImunifyAV agent service as active and running. ```bash [root@host ~]# service imunify360 status -l Redirecting to /bin/systemctl status -l imunify360.service ● imunify360.service - Imunify360 agent Loaded: loaded (/usr/lib/systemd/system/imunify360.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2020-05-13 02:58:43 WIB; 3min 54s ago Main PID: 1234567 (python3) Status: "Demonized" CGroup: /system.slice/imunify360.service ├─1234567 /opt/alt/python35/bin/python3 -m im360.run --daemon --pidfile /var/run/imunify360.pid ├─1234568 /usr/bin/tail --follow=name -n0 --retry /usr/local/cpanel/logs/cphulkd.log ├─1234569 /usr/bin/tail --follow=name -n0 --retry /etc/apache2/logs/modsec_audit.log ├─1234570 /usr/bin/tail --follow=name -n0 --retry /var/ossec/logs/alerts/alerts.json └─1234571 /opt/alt/python27/bin/python2.7 -s /usr/sbin/cagefsctl --wait-lock --force-update-etc May 13 02:58:39 host.domain.com systemd[1]: Starting Imunify360 agent… May 13 02:58:43 host.domain.com systemd[1]: Started Imunify360 agent. May 13 02:58:43 host.domain.com imunify-service[4072717]: Starting migrations May 13 02:58:43 host.domain.com imunify-service[4072717]: There is nothing to migrate ``` -------------------------------- ### Check Imunify360 Service Status Example Output Source: https://docs.imunify360.com/faq_and_known_issues Example output from the 'service imunify360 status -l' command, showing the service is loaded and active. ```text [root@host ~]# service imunify360 status -l Redirecting to /bin/systemctl status -l imunify360.service ● imunify360.service - Imunify360 agent Loaded: loaded (/usr/lib/systemd/system/imunify360.service; enabled; vendor preset: disabled) Active: active (running) since Mon 2020-05-13 02:58:43 WIB; 3min 54s ago Main PID: 1234567 (python3) Status: "Demonized" CGroup: /system.slice/imunify360.service ├─1234567 /opt/alt/python35/bin/python3 -m im360.run --daemon --pidfile /var/run/imunify360.pid ├─1234568 /usr/bin/tail --follow=name -n0 --retry /usr/local/cpanel/logs/cphulkd.log ├─1234569 /usr/bin/tail --follow=name -n0 --retry /etc/apache2/logs/modsec_audit.log ├─1234570 /usr/bin/tail --follow=name -n0 --retry /var/ossec/logs/alerts/alerts.json └─1234571 /opt/alt/python27/bin/python2.7 -s /usr/sbin/cagefsctl --wait-lock --force-update-etc May 13 02:58:39 host.domain.com systemd[1]: Starting Imunify360 agent… May 13 02:58:43 host.domain.com systemd[1]: Started Imunify360 agent. May 13 02:58:43 host.domain.com imunify-service[4072717]: Starting migrations May 13 02:58:43 host.domain.com imunify-service[4072717]: There is nothing to migrate ``` -------------------------------- ### Install ImunifyAV with IP-based License Source: https://docs.imunify360.com/imunifyav Install ImunifyAV using an IP-based license by specifying 'IPL' as the license key. ```bash wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh -O imav-deploy.sh bash imav-deploy.sh --key IPL ``` -------------------------------- ### Regular Hook Script Example Source: https://docs.imunify360.com/features Example of a bash script for a regular Imunify360 hook, demonstrating event and subtype handling using jq. ```bash #!/bin/bash data=$(cat) event=$(jq -r '.event' <<< ${data}) subtype=$(jq -r '.subtype' <<< ${data}) case ${event} in malware-scanning) case ${subtype} in started) # do stuff here ;; *) echo "Unhandled subtype: ${subtype}" 1>&2 exit 1 esac ;; *) echo "Unhandled event: ${event}/${subtype}" 1>&2 exit 2 esac ``` -------------------------------- ### Install JQ JSON Processor Source: https://docs.imunify360.com/command_line_interface Install the JQ utility, which is a required prerequisite for the Imunify submission tool. This command is for YUM-based systems. ```bash # yum install jq -y ``` -------------------------------- ### Install Imunify360 with License Key Source: https://docs.imunify360.com/installation Download the deployment script and execute it with your license key. Replace YOUR_KEY with your actual trial or purchased license key. ```bash wget https://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh -O i360deploy.sh bash i360deploy.sh --key YOUR_KEY ``` -------------------------------- ### Start ImunifyAV Agent Source: https://docs.imunify360.com/imunifyav/faq_and_known_issues Command to start the ImunifyAV agent service if it is inactive. ```bash # service imunify-antivirus start ``` -------------------------------- ### Example User List JSON Format Source: https://docs.imunify360.com/imunifyav/stand_alone_mode This is an example of the JSON structure expected from a custom user list script. It includes user IDs, usernames, domains, and package information. ```json { "data": [ { "id": 1000, "username": "ins5yo3", "owner": "root", "domain": "ins5yo3.com", "package": { "name": "package", "owner": "root" }, "email": "ins5yo3@ins5yo3.com", "locale_code": "EN_us" }, { "id": 1001, "username": "ins5yo4", "owner": "root", "domain": "ins5yo4.com", "package": { "name": "package", "owner": "root" }, "email": "ins5yo4@ins5yo4.com", "locale_code": "EN_us" } ], "metadata": { "result": "ok" } } ``` -------------------------------- ### Hook Log Entry - Event Start Source: https://docs.imunify360.com/features Format for logging when a hook event starts, including timestamp, event details, and script path. ```text timestamp event : id : started [native:] name : subtype : script_path ``` -------------------------------- ### Update ImunifyAV Beta on Ubuntu 26.04 Source: https://docs.imunify360.com/imunifyav Sets up the testing repository for Ubuntu 26.04 to install a beta version of ImunifyAV. ```bash echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/26.04/ resolute main' > /etc/apt/sources.list.d/imunify360-testing.list apt-get update apt-get install --only-upgrade imunify-antivirus ``` -------------------------------- ### Install Imunify360 with IP-based License Source: https://docs.imunify360.com/installation For IP-based licenses, run the deployment script without any arguments. ```bash bash i360deploy.sh ``` -------------------------------- ### Download Imunify360 Installer Script Source: https://docs.imunify360.com/control_panel_integration Download the Imunify360 deployment script using wget. ```bash wget https://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh -O i360deploy.sh ``` -------------------------------- ### Make Initial Acronis Backup Source: https://docs.imunify360.com/ids_integration Performs the initial backup after the Acronis backup client is installed. Can optionally wait for completion and output progress. ```python from restore_infected import backup_backends acronis = backup_backends.backend('acronis') acronis.make_initial_backup(trace=False) ``` -------------------------------- ### Malware Ignore Hashes Example Source: https://docs.imunify360.com/features Example format for the malware ignore hashes file, with one SHA256 hash per line. Comments are also supported. ```text # PHP file managers, added 1/10/2024 f157c3ede78333087829cdd211c55822e635d6c419606c3675bc8201b556bc9f 8f6b0462e1ee9c498fe6ae055419eb79b5ef0e8cb359a6d991dbeffa0589ce9b # Adminer, added 14/09/2024 dcfd0433dc46bd82ec5aa7c9998b4ae7087731a45d3a443e3724da7aabe1e4c5 ``` -------------------------------- ### Example Domain-Specific ModSecurity Input Source: https://docs.imunify360.com/control_panel_integration This is an example of the JSON Lines format input that the `modsec_domain_config_script` will receive. Each line contains user, domain, and ModSecurity configuration text for that domain. ```json {"user": "username", "domain": "example.com", "content": "modsec config text"} {"user": "another", "domain": "another.example.com", "content": "..."} ``` -------------------------------- ### ImunifyAV Agent Inactive Status Example Source: https://docs.imunify360.com/imunifyav/faq_and_known_issues Example output showing the ImunifyAV agent service as inactive (dead). ```bash [root@host ~]# service imunify360 status Redirecting to /bin/systemctl status imunify360.service ● imunify360.service - Imunify360 agent Loaded: loaded (/usr/lib/systemd/system/imunify360.service; disabled; vendor preset: disabled) Active: inactive (dead) ``` -------------------------------- ### REALTIME_MALWARE_FOUND Event Configuration Example Source: https://docs.imunify360.com/command_line_interface Specific configuration options for the REALTIME_MALWARE_FOUND event, detailing settings for both script execution and administrator notifications. ```json "REALTIME_MALWARE_FOUND": { "SCRIPT": { "scripts": [], "period": 1, "enabled": False }, "ADMIN": { "period": 1, "admin_emails": [], "enabled": False } ``` -------------------------------- ### Example Admin List JSON Structure Source: https://docs.imunify360.com/imunifyav/stand_alone_mode A sample JSON structure for the admin list file generated by the integration script. ```json { "data": [ { "name": "admin1", "unix_user": "admin", "locale_code": "EN_us", "email": "admin1@domain.zone", "is_main": true }, { "name": "admin2", "unix_user": "admin", "locale_code": "Ru_ru", "email": "admin2@domain.zone", "is_main": false } ], "metadata": { "result": "ok" } } ``` -------------------------------- ### Native Hook Script Example Source: https://docs.imunify360.com/features Example of a Python script for a native Imunify360 hook, showing how to process event and subtype data. ```python def im_hook(dict_param): event = dict_param['event'] subtype = dict_param['subtype'] if event == 'malware-scanning': if subtype == 'started': # do stuff here pass elif subtype == 'finished': # do other stuff here pass else: raise Exception('Unhandled subtype {}'.format(subtype)) else: raise Exception('Unhandled event {}'.format(event)) ``` -------------------------------- ### Example Administrators JSON Format Source: https://docs.imunify360.com/imunifyav/stand_alone_mode This is an example of the JSON structure expected from a custom administrators script. It includes admin names, associated Unix users, locale, email, and main admin status. ```json { "data": [ { "name": "admin1", "unix_user": "admin", "locale_code": "EN_us", "email": "admin1@domain.zone", "is_main": true }, { "name": "admin2", "unix_user": "admin", "locale_code": "Ru_ru", "email": "admin2@domain.zone", "is_main": false }, ], "metadata": { "result": "ok" } } ``` -------------------------------- ### Register Imunify360 with Activation Key Source: https://docs.imunify360.com/installation If the activation key was not provided during installation, register it using the imunify360-agent command. ```bash imunify360-agent register YOUR_KEY ``` -------------------------------- ### Example Domain List JSON Structure Source: https://docs.imunify360.com/imunifyav/stand_alone_mode A sample JSON structure for the domain list file generated by the integration script. ```json { "data": { "example.com": { "document_root": "/home/username/public_html/", "is_main": true, "owner": "username" }, "subdomain.example.com": { "document_root": "/home/username/public_html/subdomain/", "is_main": false, "owner": "username" } }, "metadata": { "result": "ok" } } ``` -------------------------------- ### Set Multiple Scan Parameters Source: https://docs.imunify360.com/imunifyav/cli Applies multiple configuration parameters for malware scanning simultaneously. This example sets both 'cpu' and 'io' for 'MALWARE_SCAN_INTENSITY'. ```bash imunify-antivirus config update '{"MALWARE_SCAN_INTENSITY": {"cpu": 5, "io": 7}}' ``` -------------------------------- ### Initialize Acronis Backend Agent Source: https://docs.imunify360.com/ids_integration Initializes the Acronis backend agent, with options to provision and force reinstallation. Supports specifying a temporary directory for installation. ```python from restore_infected import backup_backends acronis = backup_backends.backend('acronis') acronis.init(name, password, provision=True, force=True, tmp_dir=None) ``` -------------------------------- ### Configure UI Path in Integration Config Source: https://docs.imunify360.com/imunifyav/stand_alone_mode Set the web server directory path where ImunifyAV will be installed and served. ```ini [paths] ui_path = /var/www/vhosts/imunifyAV/imunifyAV.hosting.example.com/html/imav ``` -------------------------------- ### Update ImunifyAV Beta on Ubuntu 22.04 Source: https://docs.imunify360.com/imunifyav Configures the testing repository for Ubuntu 22.04 to install a beta version of ImunifyAV. ```bash echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/22.04/ jammy main' > /etc/apt/sources.list.d/imunify360-testing.list apt-get update apt-get install --only-upgrade imunify-antivirus ``` -------------------------------- ### Enable WebShield Service Source: https://docs.imunify360.com/control_panel_integration Commands to enable and start the WebShield service in Imunify360. This involves updating the agent configuration and enabling/restarting the systemd service. ```bash imunify360-agent config update '{"WEBSHIELD": {"enable": true, "known_proxies_support": true}}' ``` ```bash systemctl enable imunify360-webshield ``` ```bash systemctl restart imunify360-webshield ``` -------------------------------- ### Register ImunifyAV with Activation Key Source: https://docs.imunify360.com/imunifyav/cli Registers and activates ImunifyAV using a provided activation key. Use this if activation was missed during installation or if the key has changed. ```bash imunify-antivirus register IMAV250jjRRjowbjk56dGN OK ``` -------------------------------- ### Generate Bash Completion Script Source: https://docs.imunify360.com/command_line_interface Installs the imunify360-agent completion script for Bash system-wide. Start a new shell session for changes to take effect. ```bash imunify360-agent completions bash | sudo tee /etc/bash_completion.d/imunify360-agent > /dev/null ``` -------------------------------- ### Update ImunifyAV Beta on Ubuntu 18.04 Source: https://docs.imunify360.com/imunifyav Configures the testing repository for Ubuntu 18.04 to install a beta version of ImunifyAV. ```bash echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/18.04/ bionic main' > /etc/apt/sources.list.d/imunify360-testing.list apt-get update apt-get install --only-upgrade imunify-antivirus ``` -------------------------------- ### ImunifyAV Scan Event JSON Example Source: https://docs.imunify360.com/imunifyav This JSON object represents the output of a scan event, detailing scan ID, start time, file counts, temporary filename, errors, and status. ```json { "scan_id":"dc3c6061c572410a83be19d153809df1", "started":1587365282, "total_files":873535, "total_cleaned":872835, "tmp_filename":”/var/imunify/tmp/hooks/tmp_02q648234692834698456728439587245.json”, "errors":[], "status":"ok" } ``` -------------------------------- ### Install ModSecurity Vendors Source: https://docs.imunify360.com/command_line_interface Installs ModSecurity vendors for Imunify360. This command ensures the vendor is installed without conflicts. ```bash imunify360-agent install-vendors ``` -------------------------------- ### Install Imunify360 ModSecurity Ruleset on Plesk Source: https://docs.imunify360.com/ids_integration Installs the Imunify360 ModSecurity ruleset on Plesk. This command should be run after verifying that the Imunify360 ruleset is not already installed. ```bash # imunify360-agent install-vendors OK ``` -------------------------------- ### Enable Malware Scan Button Source: https://docs.imunify360.com/imunifyav/faq_and_known_issues Enable the 'Start scanning' button for ImunifyAV by updating the configuration to allow malware scans. ```bash # imunify-antivirus config update '{"PERMISSIONS": {"allow_malware_scan": true}}' ``` -------------------------------- ### Malware Cleanup Started Event Source: https://docs.imunify360.com/features Generated when a malware cleanup process starts. Includes cleanup ID, start time, total files for cleanup, and the temporary filename for the scanning report. ```json { "cleanup_id": "dc3c6061c572410a83be19d153809df1", "started": 1587365282, "total_files": 873535, "tmp_filename": "/var/imunify/tmp/hooks/tmp_02q648234692834698456728439587245.json" } ``` -------------------------------- ### Whitelist Domain and All Subdomains Source: https://docs.imunify360.com/command_line_interface Adds both the main domain (e.g., example.com) and all its potential subdomains to the whitelist. ```bash imunify360-agent whitelist domain add .example.com OK ``` -------------------------------- ### Restore Infected File - Acronis Init with Provision Source: https://docs.imunify360.com/ids_integration Initializes the Acronis backup backend and provisions the backup agent. The --force option can be used to force installation even if the agent is already present. ```bash restore_infected acronis init --provision ``` -------------------------------- ### Install KernelCare Source: https://docs.imunify360.com/command_line_interface Installs the KernelCare feature. This command enables additional software included with Imunify360. ```bash imunify360-agent features install kernelcare ``` -------------------------------- ### Upload Malware Sample as Root using su Source: https://docs.imunify360.com/faq_and_known_issues If operating as root, use 'su' to upload a malware sample to a specific webroot directory, testing the real-time scanner. ```bash cd /var/www/mycooluser/mycoolwebsite_docroot sudo su mycooluser -s /bin/bash -c "curl -o eicar.com.txt https://secure.eicar.org/eicar.com.txt" ``` -------------------------------- ### Install policycoreutils-python-utils on CentOS8/CloudLinux8 Source: https://docs.imunify360.com/installation If the 'checkmodule' command is not found, install the necessary package using yum. ```bash yum install policycoreutils-python-utils ``` -------------------------------- ### Check KernelCare Status Source: https://docs.imunify360.com/command_line_interface Checks the installation status of KernelCare. The output indicates whether KernelCare is installed or not. ```bash imunify360-agent features status kernelcare ``` -------------------------------- ### Initialize cPanel backup system Source: https://docs.imunify360.com/command_line_interface Initializes the cPanel backup system for use with Imunify360. This is a required step before managing backups. ```bash imunify360-agent backup-systems init cpanel ``` -------------------------------- ### SMTP Traffic Management Configuration Example Source: https://docs.imunify360.com/dashboard An example of how the SMTP_BLOCKING section might appear in the configuration file after updates. ```yaml SMTP_BLOCKING: allow_groups: - mailacc allow_local: true allow_users: [] enable: true ports: - 25 - 587 - 465 redirect: true ``` -------------------------------- ### Merged ImunifyAV Configuration Example Source: https://docs.imunify360.com/imunifyav/config_file_description Illustrates the resulting configuration after merging default, common, and local settings. First-level sections are merged, while second-level options are replaced. ```yaml FIREWALL: TCP_IN_IPv4: - '20' - '22' - '12345' port_blocking_mode: DENY ``` -------------------------------- ### Enable End User Interface Source: https://docs.imunify360.com/imunifyav Execute this command to enable the ImunifyAV end-user interface. This command makes the user-side interface visible. ```bash /usr/share/av-userside-plugin.sh ``` -------------------------------- ### Example User List JSON Structure Source: https://docs.imunify360.com/imunifyav/stand_alone_mode A sample JSON structure for the user list file generated by the integration script, including optional domain information. ```json { "data": [ { "id": 1000, "username": "ins5yo3", "owner": "root", "domain": "ins5yo3.com", "package": { "name": "package", "owner": "root" }, "email": "ins5yo3@ins5yo3.com", "locale_code": "EN_us" }, { "id": 1001, "username": "ins5yo6", "owner": "root", "domain": "ins5yo6.com", "package": { "name": "package", "owner": "root" }, "email": "ins5yo4@ins5yo6.com", "locale_code": "EN_us" } ], "metadata": { "result": "ok" } } ``` -------------------------------- ### Install ModSecurity Ruleset for Imunify360 Source: https://docs.imunify360.com/ids_integration Command to install ModSecurity ruleset for Imunify360 on cPanel, Plesk, DirectAdmin, or Stand-alone systems. ```bash imunify360-agent install-vendors ``` -------------------------------- ### Install checkmodule on CentOS 7 / CloudLinux 7 Source: https://docs.imunify360.com/imunifyav Install the 'checkpolicy' package, which provides the 'checkmodule' command, on CentOS 7 or CloudLinux 7. ```bash yum install checkpolicy ``` -------------------------------- ### Update ImunifyAV Beta on Ubuntu 20.04 Source: https://docs.imunify360.com/imunifyav Sets up the testing repository for Ubuntu 20.04 to update ImunifyAV to a beta release. ```bash echo 'deb https://repo.imunify360.cloudlinux.com/imunify360/ubuntu-testing/20.04/ focal main' > /etc/apt/sources.list.d/imunify360-testing.list apt-get update apt-get install --only-upgrade imunify-antivirus ``` -------------------------------- ### Create Vendor-Specific Configuration Directory Source: https://docs.imunify360.com/control_panel_integration Create a vendor-specific configuration directory for Imunify Security integration settings. ```bash mkdir -p /opt/cpvendor/etc/ ``` -------------------------------- ### Show End-User License Agreement Source: https://docs.imunify360.com/command_line_interface Displays the end-user license agreement. ```bash imunify360-agent eula show ``` -------------------------------- ### Start Imunify360 Agent Service Source: https://docs.imunify360.com/faq_and_known_issues Command to start the Imunify360 agent service if it is found to be inactive. This is a common step in troubleshooting the 'Imunify agent is not running' error. ```bash service imunify360 start ``` -------------------------------- ### Enable WebShield Source: https://docs.imunify360.com/features CLI command to enable WebShield, which is disabled in Low Resource Usage mode. ```bash imunify360-agent config update '{"WEBSHIELD": {"enable": true}}' ``` -------------------------------- ### Start On-Demand Scan with Ignore Mask Source: https://docs.imunify360.com/imunifyav/cli Starts an on-demand scan for directories matching a pattern, while excluding specific subdirectories. Use single quotes around paths with wildcards. ```bash imunify-antivirus malware on-demand start --path='/var/www/vhosts/d*' --ignore-mask='/var/www/vhosts/dixon77w.com/*,/var/www/vhosts/dunnrrr.com/*' ``` -------------------------------- ### Regular Hook Script Example Source: https://docs.imunify360.com/imunifyav An example of a regular (non-native) hook script written in bash. It parses event data using jq and handles different events and subtypes. ```bash #!/bin/bash data=$(cat) event=$(jq -r '.event' <<< ${data}) subtype=$(jq -r '.subtype' <<< ${data}) case ${event} in malware-scanning) case ${subtype} in started) # do stuff here ;; *) echo "Unhandled subtype: ${subtype}" 1>&2 exit 1 esac ;; *) echo "Unhandled event: ${event}/${subtype}" 1>&2 exit 2 esac ``` -------------------------------- ### Get Authentication Token Source: https://docs.imunify360.com/command_line_interface Use the `login get` command to generate an authentication token for a specified username. This is useful for integrating with custom authorization mechanisms or stand-alone Imunify UI. ```bash imunify360-agent login get --username my-user1 ``` ```text eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE2MDAyNDQwMTAuMDk5MzE5LCJ1c2VyX3R5cGUiOiJjbGllbnQiLCJ1c2VybmFtZSI6ImNsdGVzdCJ9.V_Q03hYw4dNLX5cewEb_h46hOw96KWBWP0E0ChbP3dA ``` -------------------------------- ### Install checkmodule on CentOS 9 / CloudLinux 9 Source: https://docs.imunify360.com/imunifyav Install the 'checkpolicy' package using dnf on CentOS 9 or CloudLinux 9. 'policycoreutils-python-utils' may also be needed for other SELinux tools. ```bash dnf install checkpolicy ``` -------------------------------- ### Show User Configuration Source: https://docs.imunify360.com/config_file_description Displays the current configuration settings for a specific user in JSON format. Replace with the target user's identifier. ```bash imunify360-agent config show --user --json ``` -------------------------------- ### Show Current Server Configuration Source: https://docs.imunify360.com/features Use this CLI command to view the current server's merged configuration. The final configuration is available at `/etc/sysconfig/imunify360/imunify360-merged.config`. ```bash imunify360-agent config show ``` -------------------------------- ### Get Data in JSON Format with Verbose Output Source: https://docs.imunify360.com/command_line_interface This command fetches data for the 'get' command, filtered by a 1-hour period and country code UA, and displays it in a well-formatted JSON output. ```bash imunify360-agent get --period 1h --by-country-code UA --by-list black --json --verbose ``` -------------------------------- ### Malware Scanning Started Event Payload Source: https://docs.imunify360.com/imunifyav This JSON object represents the payload for a 'malware-scanning started' event. It includes details about the scan, such as its ID, the path being scanned, the user, and the type of scan initiated. ```json { "scan_id":"dc3c6061c572410a83be19d153809df1", "home":"/home/a/abdhf/", "user":"abdhf", "type":"background", "scan_params": {"file_mask":"*", "follow_symlinks":"true", "ignore_mask":"", "intensity":"low"} } ``` -------------------------------- ### Malware Scan Started Event Structure Source: https://docs.imunify360.com/features This JSON object represents the structure of a 'started' event for a malware scan. It includes details about the scan ID, user, type, and initial scanning parameters. ```json { "scan_id": "dc3c6061c572410a83be19d153809df1", "home": "/home/a/abdhf/", "user": "abdhf", "type": "background", "scan_params": { "file_patterns": "*", "exclude_patterns": null, "follow_symlinks": true, "intensity_cpu": 2 "intensity_io": 2 "intensity_ram": 2048 } } ``` -------------------------------- ### Basic CLI Usage Structure Source: https://docs.imunify360.com/command_line_interface This shows the general structure for using Imunify360 agent commands with optional arguments. ```bash imunify360-agent [command] [--option1] [--option2]... ``` -------------------------------- ### Show Default ImunifyAV Configuration Source: https://docs.imunify360.com/imunifyav/config_file_description Command to display the default configuration settings before they are merged with local overrides. ```bash imunify-antivirus config show defaults ``` -------------------------------- ### Install WordPress Security Plugin via CLI Source: https://docs.imunify360.com/dashboard Installs the Imunify Security WP plugin on all WordPress sites via the command line. This requires the 'Default action on detect' setting to be 'Cleanup' in the Malware settings. ```bash imunify360-agent config update '{"WORDPRESS":{"security_plugin_enabled": true}}' ``` -------------------------------- ### Restore Infected File - Acronis Init Command Source: https://docs.imunify360.com/ids_integration Initializes the Acronis backup backend for the restore_infected library. This command may require specific arguments like username and password for authentication. ```bash restore_infected acronis init ``` -------------------------------- ### Show Default Server Configuration States Source: https://docs.imunify360.com/features This CLI command displays server configuration in different states: mutable_config (before local overrides), local_config (parsed local overrides), and immutable_config (merged configs after local overrides). ```bash imunify360-agent config show defaults ``` -------------------------------- ### Unmask CXSWATCH service Source: https://docs.imunify360.com/ids_integration Unmasks the cxswatch systemd service, allowing it to be started again. ```bash systemctl unmask cxswatch ``` -------------------------------- ### Get Acronis Login URL Source: https://docs.imunify360.com/ids_integration Retrieves the login URL for the Acronis backend. ```bash restore_infected acronis login_url ``` -------------------------------- ### Recreate ImunifyAV Database Source: https://docs.imunify360.com/imunifyav/faq_and_known_issues Stop the agent, back up the database, and restart to force recreation of the Imunify360 database. Use this if database corruption is suspected. ```bash # service imunify-antivirus stop # mv /var/imunify360/imunify360.db /var/imunify360/imunify360.db_backup # service imunify-antivirus start ``` -------------------------------- ### Get Acronis Login URL Source: https://docs.imunify360.com/ids_integration Retrieves the URL to log in to the Acronis web interface. ```python from restore_infected import backup_backends acronis = backup_backends.backend('acronis') token = acronis.login_url() ``` -------------------------------- ### Generate Fish Completion Script Source: https://docs.imunify360.com/command_line_interface Installs the imunify360-agent completion script for Fish on a per-user basis. ```bash imunify360-agent completions fish > ~/.config/fish/completions/imunify360-agent.fish ``` -------------------------------- ### Specify Panel Information in integration.conf Source: https://docs.imunify360.com/control_panel_integration This configuration snippet shows how to set the 'panel_info' option in the integration.conf file to specify the path to a script that provides hosting panel details to Imunify360. ```ini [integration_scripts] panel_info = /etc/sysconfig/imunify360/get-panel-info.sh ``` -------------------------------- ### Upload Malware Sample via SSH to Test Real-time Scanner Source: https://docs.imunify360.com/faq_and_known_issues Test the real-time file scanner by uploading a malware sample to a webroot via SSH. This snippet shows how to use scp. ```bash wget https://secure.eicar.org/eicar.com.txt -O /tmp/eicar.com.txt scp /tmp/eicar.com.txt mycooluser@X.Y.Z.A:/var/www/mycooluser/mycoolwebsite_docroot ``` -------------------------------- ### Uninstall ModSecurity Vendors Source: https://docs.imunify360.com/command_line_interface Uninstalls ModSecurity vendors from Imunify360. Use this command to remove installed vendors. ```bash imunify360-agent uninstall-vendors ``` -------------------------------- ### Whitelist All Subdomains Source: https://docs.imunify360.com/command_line_interface Adds all subdomains of a given domain (e.g., *.example.com) to the whitelist, excluding the parent domain itself. ```bash imunify360-agent whitelist domain add "*.example.com" OK ``` -------------------------------- ### Download and Set Permissions for Submission Script Source: https://docs.imunify360.com/command_line_interface Download the Imunify false positive/false negative submission script and make it executable. This script requires root privileges. ```bash # curl -o fpfn-submission.sh https://files.imunify360.com/static/cm/fpfn-submission.sh # chmod 700 fpfn-submission.sh ``` -------------------------------- ### View Imunify360 Version Source: https://docs.imunify360.com/command_line_interface Displays the currently installed Imunify360 version. The --json flag can be used for JSON output. ```bash imunify360-agent version [--json] ```