Introduction
Imunify360 is a complete automated web server security platform for Linux Servers. Antivirus, Real-time Malware Scanner, File Antivirus, Firewall, WAF, PHP Security Layer, Patch Management, Domain Reputation with easy UI and advanced automation. Plus, Imunify360 integrates seamlessly with Virtualmin, enhancing its security capabilities.
In this guide, we’ll guide you through the process of installing Imunify360 in Virtualmin so that you can secure your Linux server.
Prerequisites
Before proceeding with this guide, ensure the following prerequisites are met:
- Virtualmin Installation: Make sure Virtualmin is installed on your system. Refer to the guide on How to install Virtualmin (Ubuntu, CentOS, or Debian).
- ModSecurity: Ensure ModSecurity version 2.9 or higher is installed. If not, follow the instructions for installing ModSecurity.
- mod_remoteip Apache Module: This module must be enabled in your Apache configuration.
- Imunify360 License Key: You’ll need a valid license key. You can either purchase one from here or get a trial key from here.
Hardware Requirements:
Ensure your server meets the following hardware specifications:
- RAM: Minimum 1GB of RAM.
- Disk Space: At least 20GB of available disk space.
- CPU: 64bit version on x86_64 processors only
Step 1 – Imunify360 integrations in Virtualmin
Begin by creating a virtual server or sub-server named imunify360.domain.com in Virtualmin. Refer to the guide on how to create virtual server/sub-server in Virtualmin if needed.
Next, create the Imunify360 integration and ModSecurity configuration file at /etc/sysconfig/imunify360/.
To do this, first, create a directory named “imunify360” within /etc/sysconfig/. Then, create the required configuration files inside this directory by executing the following commands:
mkdir -p /etc/sysconfig/imunify360/ touch /etc/sysconfig/imunify360/integration.conf touch /etc/sysconfig/imunify360/generic/modsec.conf
Setup Integration scripts which are necessary to manage domains, users, and admins effectively.
- Get Admins Script (get-admins-script.sh):
Create a file named get-panel-info.sh at /etc/sysconfig/imunify360 location. This script will provide Imunify360 with information about the Virtualmin version. Add the following code to the script:
#!/bin/bash
# Check Virtualmin version
virtualmin_version=$(virtualmin info host | grep -oP 'virtualmin version:\s+\K\S+')
# Output the data in JSON format
cat <<EOF
{
"data": {
"name": "Virtualmin",
"virtualmin_version": "$virtualmin_version"
}
}
EOF2. Add Domains Script (add-domains-script.sh):
Create a file named get-admins-script.sh at /etc/sysconfig/imunify360 location and add the following code:
Create a file named get-admins-script.sh at /etc/sysconfig/imunify360 location. This script will create admin users in Imunify360. Add the following code to the script:
#!/bin/bash
generate_users_json()
{
_is_main="true"
echo "{"
echo " \"data\": ["
count=
n=$(cat "$_file" | wc -l)
for line in $(cat "$_file"); do
_user=`awk -F: '{print $1}' <<< $line`
_email=`awk -F: '{print $2}' <<< $line`
comma=","
if [[ $count -gt 0 ]]; then
multi_user=true
_is_main="false"
fi
count=$((count+1))
if [[ $count -eq $n ]]; then
comma=""
fi
template_users_json
done
cat <<EOF
],
"metadata": {
"result": "ok"
}
}
EOF
}
template_users_json()
{
cat <<EOF
{
"name": "$_user",
"unix_user": "$_user",
"locale_code": "EN_us",
"email": "$_email",
"is_main": $_is_main
}$comma
EOF
}
_file="/etc/sysconfig/imunify360/admins.txt"
test -f $_file || { echo "file \"$_file\" does not exist" && exit 1; }
generate_users_json
2.1 Create admins.txt File:
Create a file named admins.txt at /etc/sysconfig/imunify360 location. Add all the admin usernames that you want to add to Imunify360, each on a new line.
For example:
root:root@example1.com test:test@example2.com
3.Add Users Script (add-users-script.sh):
Create a file named get-domains-script.sh at /etc/sysconfig/imunify360 location. This script will create all the domains hosted in Virtualmin in Imunify360. Add the following code to the script:
#!/bin/bash
generate_domains_json()
{
_is_main="true"
echo "{"
echo " \"data\": {"
count=
n=$(cat $_file | wc -l)
for line in $(cat "$_file"); do
_user=`awk -F: '{print $1}' <<< $line`
_domain=`awk -F: '{print $2}' <<< $line`
_documentroot=`awk -F: '{print $3}' <<< $line`
comma=","
if [[ $count -gt 0 ]]; then
multi_user=true
comma=","
_is_main="false"
fi
count=$((count+1))
if [[ $count -eq $n ]]; then
comma=""
fi
template_domains_json
done
cat <<EOF
},
"metadata": {
"result": "ok"
}
}
EOF
}
template_domains_json()
{
cat <<EOF
"$_domain": {
"document_root": "$_documentroot",
"is_main": $_is_main,
"owner": "$_user"
}$comma
EOF
}
_file="/etc/sysconfig/imunify360/domains.txt"
test -f $_file || { echo "file \"$_file\" does not exist" && exit 1; }
generate_domains_json3.1 Create domains.txt File:
Create a file named domains.txt at /etc/sysconfig/imunify360 location. Add all the domains that you want to add to Imunify360, each on a new line.
For example:
test01:example001.com:/home/test01/public_html/ test02:example002.com:/home/test02/public_html/
4. Create get-users-script.sh Script:
Create a file named get-users-script.sh at /etc/sysconfig/imunify360 location. This script will create users from Virtualmin in Imunify360. Add the following code to the script:
#!/bin/bash
generate_users_json()
{
echo "{"
echo " \"data\": ["
count=
n=$(cat "$_file" | wc -l)
for line in $(cat "$_file"); do
_user=`awk -F: '{print $1}' <<< $line`
_uid=`awk -F: '{print $2}' <<< $line`
_domain=`awk -F: '{print $3}' <<< $line`
_email=`awk -F: '{print $4}' <<< $line`
comma=","
if [[ $count -gt 0 ]]; then
multi_user=true
fi
count=$((count+1))
if [[ "$count" -eq "$n" ]]; then
comma=""
fi
template_users_json
done
cat <<EOF
],
"metadata": {
"result": "ok"
}
}
EOF
}
template_users_json()
{
cat <<EOF
{
"id": $_uid,
"username": "$_user",
"owner": "root",
"domain": "$_domain",
"package": {
"name": "package",
"owner": "root"
},
"email": "$_email",
"locale_code": "EN_us"
}$comma
EOF
}
_file="/etc/sysconfig/imunify360/users.txt"
test -f $_file || { echo "file \"$_file\" does not exist" && exit 1; }
generate_users_json
4.1 Create users.txt File:
Create a file named users.txt at /etc/sysconfig/imunify360 location. Add all the users that you want to add to Imunify360, each on a new line.
For example:
test01:1003:example01.com:test01@example01.com test02:1004:example02.com:test02@example02.com
Make sure to set appropriate permissions on these scripts to ensure they are executable. You can do this using the chmod command. For example:
chmod +x /etc/sysconfig/imunify360/get-panel-info.sh chmod +x /etc/sysconfig/imunify360/get-admins-script.sh chmod +x /etc/sysconfig/imunify360/get-domains-script.sh chmod +x /etc/sysconfig/imunify360/get-users-script.sh
Now, we need to add all the following configurations into the integration.conf file.
Note: Before adding these configurations, ensure to change the default settings, such as the ui_path, ui_path_owner and more.
# Specifying panel information [integration_scripts] panel_info = /etc/sysconfig/imunify360/get-panel-info.sh # Integration with web server - Path where the Imunify360 UI SPA application will be installed and served. [paths] ui_path = /path/to/domain/imunify360.domain.com # User of Virtualmin, replace the user and owner ui_path_owner = imunify360:imunify360 [pam] service_name = system-auth # Integration with Malware Scanner - To scan files for changes (to detect malware) using inotify, # configure which directories to watch in the integration.conf file: [malware] basedir = /var/www #a root directory to watch (recursively) pattern_to_watch = ^/var/www/.+?/(public_html|public_ftp|private_html)(/.*)?$ #WEB server type and commands [web_server] #server type apache/nginx/litespeed server_type = apache graceful_restart_script = /usr/sbin/apachectl restart config_test_script = /usr/sbin/apachectl -t #path to ModSecurity audit logs modsec_audit_log = /var/log/httpd/modsec_audit.log modsec_audit_logdir = /var/log/modsec_audit #Limiting users and provide context for IM360 mechanisms [integration_scripts] admins = /etc/sysconfig/imunify360/get-admins-script.sh users = /etc/sysconfig/imunify360/get-users-script.sh domains = /etc/sysconfig/imunify360/get-domains-script.sh #Domain-specific ModSecurity configuration (to disable rules using CLI) #modsec_domain_config_script = /path/to/inject/domain/specific/config/script.sh
Step 2 – Install Imunify360 in Virtualmin
Before initiating the Imunify360 installation process on Virtualmin, it’s recommended to install the screen and wget packages.
Run the following command to install screen package. (Learn more about screen)
CentOS:
sudo yum install screen -y
Ubuntu/Debian:
sudo apt-get install screen -y
Run the following command to install wget package. (Learn more about wget)
CentOS:
sudo yum install wget -y
Ubuntu/Debian:
sudo apt-get install wget -y
Log in to the server with root access.
Run screen & then run the following commands:
wget https://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh -O i360deploy.sh bash i360deploy.sh --key YOUR_KEY
Note: Replace YOUR_KEY with your actual Imunify360 license key.
The installation process may take up to 10-15 minutes.
Now, Enable WebShield
To enable WebShield and start the service, follow these steps:
Enable WebShield:
By default, WebShield is disabled when Imunify360 stand-alone is installed. You can enable it by executing the following command:
imunify360-agent config update '{"WEBSHIELD": {"enable": true, "known_proxies_support": true}}'Start the WebShield Service:
Once WebShield is enabled, start the service:
systemctl enable imunify360-webshield
systemctl restart imunify360-webshield
That’s it.
You can now use Imunify360 from: https://imunify360.domain.com and change the default settings from Imunify360 dashboard to reflect your needs.
BENIFITS
- Real-time Automatic Virus & Malware Scanning and Removal:
- Imunify360 provides continuous real-time scanning for viruses and malware, automatically removing any detected threats to secure your server.
- Advanced Firewall/WAF with Machine-learning Rulesets:
- Imunify360 features an advanced firewall and web application firewall (WAF) equipped with machine-learning rulesets. This proactive defense mechanism helps identify and block malicious traffic, protecting your server from various online threats.
- Malicious PHP Script Detection and Blocking (Proactive Defense):
- With its Proactive Defense component, It detects and blocks malicious PHP scripts, preventing them from causing harm to your system.
- Blocks Brute-force Attacks at Both Network and HTTP Levels:
- Imunify360 effectively thwarts brute-force attacks targeting both network services and HTTP applications, mitigating the risk of unauthorized access to your system.
- Protection Against Vulnerability Exploitation, Including 0-day Attacks:
- Imunify360 offers comprehensive protection against vulnerability exploitation, including zero-day attacks, by continuously monitoring for and blocking potential exploit attempts.
- Blocks Denial of Service (DoS) Attacks:
- Imunify360 secures your system against Denial of Service (DoS) attacks, preventing disruptions to your services and ensuring uninterrupted availability.
- Port Scanning:
- Imunify360 includes advanced port scanning capabilities to monitor and secure your system’s network ports, preventing unauthorized access and potential vulnerabilities.
- World-Class 24x7x365 Technical Support Included:
- Imunify360 provides access to top-tier technical support around the clock, every day of the year. This ensures that you have assistance available whenever you need it, guaranteeing the optimal performance and security of your server.
Conclusion:
Installing Imunify360 in Virtualmin greatly boosts your server’s security against cyber threats. By following the steps outlined in this guide and meeting the prerequisites, you can seamlessly integrate Imunify360 into your server environment. With its real-time threat detection and user-friendly interface, It provides peace of mind for server administrators, allowing them to focus on their core tasks without security concerns. Take action today to protect your server and data from malicious activities.
Nilesh R. Agrawal 
mustofa
Hi,
Thanks for your nice tutorial, i’m get some problem when excecute i360deploy.sh
[2024-02-25 07:38:18] Checking for an update to i360deploy.sh
[2024-02-25 07:38:18] Downloading i360deploy.sh.repo_version (please wait)
[2024-02-25 07:38:20] i360deploy.sh is already the latest version (2.91) – continuing
Detecting ostype… debian
[2024-02-25 07:38:20] i360deploy.sh: line 125: Checking prerequisites…: command not found
[2024-02-25 07:38:21] syntax error in /etc/sysconfig/imunify360/integration.conf Read the manual https://docs.imunify360.com/control_panel_integration/#introduction on how to create a valid config file.
[2024-02-25 07:38:21]
Is there anything I missed in the installation process?
thanks
Nilesh R. Agrawal
Hi,
Thank you for your message. It seems there might be a couple of issues with the installation process:
1. The error “Checking prerequisites…: command not found” suggests there could be an issue with how the script is being executed or with missing prerequisites. Double-check that all necessary prerequisites are installed as mentioned in the installation guide before running the script.
2. The syntax error in `/etc/sysconfig/imunify360/integration.conf` indicates a problem with the configuration file. Review the file and ensure it follows the correct syntax as per the Imunify360 documentation.
If you’ve followed the tutorial and still have problems, carefully review each step and compare your setup with the documentation. For more specific help, consider reaching out to the Imunify360 support team.
Hope this helps!