Control Web Panel Server Scanners

Security Scanners - Control Web Panel (CWP) Malware Protection

Control Web Panel (CWP) Pro (formerly known as CentOS Web Panel) has many security plugin options available for installation. If you’re a CWPpro admin user, you can install and manage these integrations right from the dashboard – allowing you to scan for malicious software on your system.

Below we’ll quick walk you through the security plugin options you have with CWPpro.

CWP free version users can use these tools but must install and manage them entirely from the terminal.

Control Web Panel Malware Scanners 

These security solutions primarily detect and quarantine malware on your system to prevent cyber attacks.

Maldet Scan

Linux Malware Detect (LMD), also known as Maldet, is a malware scanner that uses HEX patterns and MD5 hashes to detect compromised data. Some Linux system administrators use Maldet and ClamAV together for access to additional virus databases.

Select Maldet Scan from the sidebar. Then select a CWP user from the drop-down menu (check the box to also search background processes) and Scan User.

CWP Maldet Scan plugin

Advanced users can do manual scans from the terminal:

maldet --scan-all /path-to-folder

Rkhunter Scan

Rootkit Hunter, also known simply as Rkhunter, searches for rootkits, backdoors and other exploits by comparing SHA-1 hashes against online databases. Rkhunter checks for suspicious permissions, hidden files, and modifications to kernel modules. 

Select Rkhunter Scan from the sidebar. Once installed you’ll have buttons to scan your system or update your malware databases.

CWP Rkhunter Scan plugin

You can run Rkhunter from your terminal with the following command:

rkhunter -c

PHP Defender

PHP Defender, located in the Security Center with ClamAV, uses the Snuffleupagus PHP module to harden PHP code and mitigate various bug classes, including code injection, cookie stealing, and remote code execution. All of this is done without you having to edit raw PHP code.

After selecting Security Center from the sidebar, choose Custom Installation if you wish to only install the PHP module for specific PHP versions. “Defender mode” is basically the level of security applied. Basic is fine and you can easily change this later.

  • CWP PHP Defender installation options
  • CWP PHP Defender

CWP Server Auditing Tools

The following are passive scanners that provide information to help you better understand your cybersecurity posture, which is useful for vulnerability assessments and regulation compliance audits.

Lynis Scan

Lynis, by CISOfy, does a system security assessment to provide various ways you can harden your system for best security practices and regulation compliance. 

Select Lynis Scan from the sidebar. Minutes after clicking Scan, you’ll have recommendations for hardening like:

  • Kernel configuration and processes
  • User and file permissions
  • System directories
  • Network security
  • Memory usage
  • Shell access and more
CWP Lynis Scan plugin

The terminal command equivalent for running Lynis is:

sudo lynis audit system

A symbolic link, or “soft link,” is a file that points to another file, similar to a shortcut on your PC desktop. Just as you might use desktop shortcuts to quickly access programs deep in system folders, malicious users can gain unauthorized access to your system to do the same with your private data. The Symlink Scan module locates symlinks on your system.

Select Symlink Scan from the sidebar. Select a CWP user from the drop-down menu and Scan User. Select View to review any found symlinks.

CWP Symlink Scan plugin

Advanced users can get similar results in the CWP terminal emulator with the following command:

find . -type l -ls

All security solutions mentioned above can be automated with cron jobs from the CWP dashboard to save you time. Learn more about CWP management.

Have full control of your environment and deploy the best operating and management systems that fit your needs with our reliable Cloud VPS solutions!

Comments

It looks like this article doesn't have any comments yet - you can be the first. If you have any comments or questions, start the conversation!

Was this article helpful? Let us know!