{"id":1826,"date":"2021-08-19T10:37:20","date_gmt":"2021-08-19T05:07:20","guid":{"rendered":"https:\/\/coimbatorewebhosting.com\/blog\/?p=1826"},"modified":"2021-08-19T12:25:34","modified_gmt":"2021-08-19T06:55:34","slug":"pyxsoft-anti-malware-in-server","status":"publish","type":"post","link":"https:\/\/coimbatorewebhosting.com\/blog\/pyxsoft-anti-malware-in-server\/","title":{"rendered":"How to Install and Configure Pyxsoft Anti Malware in server"},"content":{"rendered":"<h4 class=\"fittexted_for_content_h4\"><span>Pyxsoft AntiMalware : Installation and Configuration (Step by Step Guide)<\/span><\/h4>\n<p><strong>Pyxsoft antimalware<\/strong> Plugin for cPanel\/WHM protects your server from attacker scripts such as <a href=\"http:\/\/www.pyxsoft.com\/portal\/c99-shell\/\" target=\"_blank\" rel=\"noopener nofollow\">c99shell<\/a>, <a href=\"https:\/\/kb.sucuri.net\/malware\/signatures\/php.backdoor.r57-shell.001.003\" target=\"_blank\" rel=\"noopener nofollow\">r57shell<\/a>, <a href=\"http:\/\/ani-shell.sourceforge.net\/\" target=\"_blank\" rel=\"noopener nofollow\">ANIShell,<\/a> and hundreds more. It is a real-time Anti Malware for cPanel\/WHM. Attackers can take control of your servers or can damage your customer\u2019s data by uploading one of these scripts.<\/p>\n<p><strong>Pyxsoft antimalware plugin works to protects your server in two ways<\/strong><\/p>\n<p><strong>1.Protecting from the six entrance of server<\/strong><\/p>\n<ul>\n<li>SQL Injection<\/li>\n<li>Legitimate Access (SSH, cPanel etc)<\/li>\n<li>Web Forms<\/li>\n<li>FTP<\/li>\n<li>Brute Force Attacks<\/li>\n<li>Installed Trojans or shells<\/li>\n<\/ul>\n<p><strong>2.With additional methods<\/strong><\/p>\n<p><strong>Scanning all changes every night<\/strong><\/p>\n<p>On every night the Pyxsoft antimalware plugin will scan all the <a href=\"https:\/\/coimbatorewebhosting.com\/blog\/how-to-secure-website-with-ssl\/\" title=\"files changed\" alt=\"files changed\">files changed<\/a> during last day and the results are mailed to root administrator. The scan is small and will detect all the new malware installed in the server.<\/p>\n<p><strong>Blocking generic bad-requests<\/strong><\/p>\n<p>Pyxsoft antimalware plugin employs many Mod security rules that reject PHP injection, SQL injection and many known script vulnerabilities such as Timthumb exploit, Joomla password change exploit, OsCommerce upload exploit, and much more. It will keep the customers safe even if their scripts are unsafe and out of date. Also always remember that the Pyxsoft antimalware plugin will help you managing your servers, it not replaces the administrator.<\/p>\n<p>There are also certain cases where Pyxsoft antimalware plugin will not provide protection. These are as follows:<\/p>\n<ul>\n<li>If attacker steals or guess your SSH password.<\/li>\n<li>If you don\u2019t delete the malware found in the regular scan.<\/li>\n<li>If your server is already hacked with a rootkit.<\/li>\n<li>Malware uploaded via cPanel file manager will be detected at the night scan.<\/li>\n<\/ul>\n<p><strong>Scanning your whole server<\/strong><\/p>\n<p>Initially the Pyxsoft antimalware plugin will scan the entire server to find out the installed malware. The definitions include ClamAV database and 6,000 additional malware signatures including perl files, PHP shells, PHP uploaders, PHP downloaders, IRC bots and Mass Mailers.<br \/>\nYou will get the detailed list of the infected files once the scanning of the server is finished. Scanning is called with the nice Linux commands. Scanning the whole server will not increase the server load in more than 1 or 1.5 units.<\/p>\n<p><strong>Inspecting uploads<\/strong><\/p>\n<p>Most important feature is that the customers never upload PHP scripts using HTML formats. Pyxsoft antimalware plugin will scan all HTTP and FTP files in real time. All perl and PHP scripts will be rejected in HTTP uploads. If you keep Pyxsoft antimalware plugin to inspect all HTTP uploads while starting a new server, the chance of hacking can be reduced.<\/p>\n<p>Attackers tries all new discovered script vulnerabilities. Many times, attackers have user and password for WordPress, Joomla or OsCommerce sites and can use them to upload malware scripts. Even in those cases, they will not be able to upload their scripts.<\/p>\n<p>For the proper working Pyxsoft antimalware plugin needs,<\/p>\n<ul>\n<li>WHM\/cPanel version 11.30 or superior<\/li>\n<li>Apache <a href=\"https:\/\/coimbatorewebhosting.com\/blog\/flush-dns-cache-windows-linux\/\" title=\"Web Server\" alt=\"Web Server\">Web Server<\/a><\/li>\n<li>Mod Security 2.5 or superior installed<\/li>\n<li>Internal WHM Ioncube loader enabled<\/li>\n<li>ClamAV Antivirus installed<\/li>\n<\/ul>\n<p><strong>Note :<\/strong>\u00a0Pyxsoft antimalware plugin will not work with Lighttpd, Litespeed or Nginx web servers.\u00a0The plugin will work in trial mode for 7 days even if you don\u2019t have license.<\/p>\n<p><strong>Installing &amp; configuring the Pyxsoft antimalware plugin<\/strong><\/p>\n<p>For installing the <a href=\"https:\/\/www.pyxsoft.com\/portal\/\" target=\"_blank\" rel=\"noopener nofollow\">Pyxsoft antimalware plugin<\/a>, execute the following commands in a SSH console:<\/p>\n<pre>root@server [~]# cd ~\r\n\r\nroot@server [~]# wget http:\/\/www.pyxsoft.com\/software\/antimalware\/anti_malware.tar.gz\r\n\r\nroot@server [~]# tar -xzf anti_malware.tar.gz\r\n\r\nroot@server [~]# cd anti_malware\r\n\r\nroot@server [~]# sh install.sh<\/pre>\n<p>If the installation is completed successfully, enter WHM and go to Pyxsoft Antimalware.<\/p>\n<p><strong>Installing Mod Security<\/strong><\/p>\n<p>The following steps are to be performed to install mod security, and care should be taken when recompiling the system. (Do it at your own risk.)<\/p>\n<ul>\n<li>Log into your WHM panel<\/li>\n<li>Click on EasyApache option<\/li>\n<li>Click on \u201cPreviously Saved Config\u201d and \u201cStart cusomizing based on profile\u201d button.<\/li>\n<li>Select Apache 2.2 (or Apache 2 if you use PHP 4) and go to Next Step<\/li>\n<li>Select your preferred PHP Version. PHP 5 is recommended. Go to Next Step.<\/li>\n<li>Select minor version or use the selected one. Go to Next Step.<\/li>\n<li>Check the Mod Security option. Leave the other options as suggested.<\/li>\n<li>Click \u201cSave and Build\u201d<\/li>\n<li>Click on \u201cYes\u201d when asked you to recompile Apache and PHP and wait until the process is finished.<\/li>\n<\/ul>\n<p><strong>Enabling Ioncube<\/strong><\/p>\n<p>Follow the steps to enable the internal ioncube loaders in order to execute Pyxsoft antimalware plugin.<\/p>\n<ul>\n<li>Log into your WHM panel<\/li>\n<li>Go to Tweak Settings Click PHP<\/li>\n<li>Check \u2018ioncube\u2019\u00a0in cPanel PHP loader. If you had selected source guardian, it means that you probably have another extension in conflict with Anti Malware Plugin.<\/li>\n<li>Save the changes.<\/li>\n<\/ul>\n<p><strong>Installing ClamAV<\/strong><\/p>\n<p>Installing <a href=\"https:\/\/www.clamav.net\/\" target=\"_blank\" rel=\"noopener nofollow\">ClamAV<\/a> is easier while compared to the installation of mod security. Steps are as follows<\/p>\n<ul>\n<li>Log into your WHM panel<\/li>\n<li>Click on Manage Plugins option.<\/li>\n<li>At the right side of the screen, locate ClamAV and check \u201cInstall and keep updated\u201d<\/li>\n<li>Click Save.<\/li>\n<\/ul>\n<p>cPanel\u00a0will take about 20 minutes to install ClamAV in your <a href=\"https:\/\/coimbatorewebhosting.com\/blog\/know-to-importing-wordpress-maually\/\" title=\"server\" alt=\"server\">server<\/a> and the operation should not be interrupted in between.<\/p>\n<p><strong>Uninstalling the Pyxsoft antimalware plugin<\/strong><\/p>\n<p>For uninstalling the Pyxsof antimalware plugin, execute the following commands in a SSH console:<\/p>\n<pre>root@server [~]# cd \/usr\/share\/ilabs_antimalware\/includes\r\n\r\nroot@server [~]# sh uninstall.sh<\/pre>\n<p>You should verify that your Apache (httpd) and ftp (pure-ftpd) services are running after uninstalling the Pyxsoft antimalware plugin.<\/p>\n<p>Screenshots of Pyxsoft antimalware plugin in WHM<\/p>\n<p><a href=\"https:\/\/i2.wp.com\/www.webhostingchennai.co.in\/blog\/wp-content\/uploads\/2019\/02\/pyx.jpg\" rel=\"nofollow noopener\" target=\"_blank\"><img decoding=\"async\" data-attachment-id=\"1119\" data-permalink=\"https:\/\/www.webhostingchennai.co.in\/blog\/pyx\/\" data-orig-file=\"https:\/\/i2.wp.com\/www.webhostingchennai.co.in\/blog\/wp-content\/uploads\/2019\/02\/pyx.jpg?fit=717%2C625&amp;ssl=1\" data-orig-size=\"717,625\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"pyx\" data-image-description=\"\" data-medium-file=\"https:\/\/i2.wp.com\/www.webhostingchennai.co.in\/blog\/wp-content\/uploads\/2019\/02\/pyx.jpg?fit=300%2C262&amp;ssl=1\" data-large-file=\"https:\/\/i2.wp.com\/www.webhostingchennai.co.in\/blog\/wp-content\/uploads\/2019\/02\/pyx.jpg?fit=717%2C625&amp;ssl=1\" loading=\"lazy\" class=\"alignnone size-full wp-image-1119\" src=\"https:\/\/i2.wp.com\/www.webhostingchennai.co.in\/blog\/wp-content\/uploads\/2019\/02\/pyx.jpg?resize=717%2C625\" alt=\"configuring Pyxsoft Antimalware\" srcset=\"https:\/\/i2.wp.com\/www.webhostingchennai.co.in\/blog\/wp-content\/uploads\/2019\/02\/pyx.jpg?w=717&amp;ssl=1 717w, https:\/\/i2.wp.com\/www.webhostingchennai.co.in\/blog\/wp-content\/uploads\/2019\/02\/pyx.jpg?resize=300%2C262&amp;ssl=1 300w, https:\/\/i2.wp.com\/www.webhostingchennai.co.in\/blog\/wp-content\/uploads\/2019\/02\/pyx.jpg?resize=69%2C60&amp;ssl=1 69w\" sizes=\"auto, (max-width: 717px) 100vw, 717px\" data-recalc-dims=\"1\" width=\"717\" height=\"625\" \/><\/a><\/p>\n<p>General Settings : Here we can set the common settings for the plugin.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Pyxsoft AntiMalware : Installation and Configuration (Step by Step Guide) Pyxsoft antimalware Plugin for cPanel\/WHM protects your server from attacker scripts such as c99shell, r57shell, ANIShell, and hundreds more. It is a real-time Anti Malware for cPanel\/WHM. Attackers can take control of your servers or can damage your customer\u2019s data [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1842,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[17,3,1],"tags":[],"class_list":["post-1826","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","category-linux","category-latest"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/coimbatorewebhosting.com\/blog\/wp-content\/uploads\/2021\/08\/pysoft.png","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pa2YU7-ts","_links":{"self":[{"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1826","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/comments?post=1826"}],"version-history":[{"count":0,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/posts\/1826\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/media\/1842"}],"wp:attachment":[{"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/media?parent=1826"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/categories?post=1826"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coimbatorewebhosting.com\/blog\/wp-json\/wp\/v2\/tags?post=1826"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}