ConfigServer eXploit Scanner (cxs) is a tool that actively scans files as they are uploaded to the server. According to the product’s requirements, cxs should only work on a cPanel/WHM server. However, you can still install it on a ‘clean’ CentOS machine as long as the required Perl libraries are provided.
We’ve created an easy list of “copy & paste” actions for your convenience.
* The following procedure was tested on a clean CentOS 7 Minimal install with “Development Tools” installed (yum group install "Development Tools").
```bash
# Make sure we have EPEL (--nogpgcheck skips package signature verification)
yum -y --nogpgcheck install epel-release

# Install Perl dependencies
yum install -y --nogpgcheck perl-Archive-Extract perl-Archive-Tar perl-Archive-Zip perl-libwww-perl perl-LWP-Protocol-https
yum install -y --nogpgcheck perl-Linux-Inotify2 --enablerepo=epel

## Install clamav scanner
yum install -y --nogpgcheck clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd --enablerepo=epel

## Configure clamav scanner
/bin/cp -f /usr/share/clamav/template/clamd.conf /etc/clamd.d/clamd.conf
sed -i '/^Example/d' /etc/clamd.d/clamd.conf
# Fill in the template's <USER> and <SERVICE> placeholders
sed -i 's/<USER>/root/g' /etc/clamd.d/clamd.conf
sed -i 's/clamd.<SERVICE>/clamd.d/g' /etc/clamd.d/clamd.conf
# Enable the local socket and the log file
sed -i 's/#LocalSocket /LocalSocket /g' /etc/clamd.d/clamd.conf
sed -i 's/#LogFile /LogFile /g' /etc/clamd.d/clamd.conf
sed -i 's|#SelfCheck 600|SelfCheck 86400|g' /etc/clamd.d/clamd.conf
# Move the socket to /var/run/clamav
sed -i 's|/var/run/clamd\.d/clamd\.sock|/var/run/clamav/clamd.sock|g' /etc/clamd.d/clamd.conf

/bin/cp -f /etc/freshclam.conf /etc/freshclam.conf.bak
sed -i '/^Example/d' /etc/freshclam.conf

cat << EOF > /usr/lib/systemd/system/clam-freshclam.service
# Run the freshclam as daemon
[Unit]
Description = freshclam scanner
After = network.target

[Service]
Type = forking
ExecStart = /usr/bin/freshclam -d -c 4
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target
EOF

systemctl enable clam-freshclam.service
systemctl start clam-freshclam.service

# Rename the clamd template unit and drop the "@" references in clamd@scan.service
mv /usr/lib/systemd/system/clamd@.service /usr/lib/systemd/system/clamd.service
sed -i 's/@//g' /usr/lib/systemd/system/clamd@scan.service

cat << EOF > /usr/lib/systemd/system/clamd.service
[Unit]
Description = clamd scanner daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = false

[Install]
WantedBy=multi-user.target
EOF

cd /usr/lib/systemd/system
systemctl enable clamd.service
systemctl enable clamd@scan.service
systemctl start clamd.service
systemctl start clamd@scan.service

# Disable the default freshclam cron and run the update nightly
rm -f /etc/cron.d/clamav-update
echo "0 6 * * * /usr/bin/freshclam > /dev/null 2>&1" >> /var/spool/cron/root

## Install CXS
cd /usr/local/src/
wget https://download.configserver.com/cxsinstaller.tgz
tar -xzf cxsinstaller.tgz
perl cxsinstaller.pl

# Make sure updates are running on a daily basis
ln -s /etc/cxs/cxsdaily.sh /etc/cron.daily/cxsdaily.sh
systemctl start cxswatch
systemctl enable cxswatch
```
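A post-install check for the clamd.conf edits above, as an added example that is not part of the original post: it flags a leftover Example line, unexpanded template placeholders, and missing or wrong values for the directives the sed steps set. The function names and the sample config are constructed for illustration; it assumes the template uses `<USER>` and `<SERVICE>` placeholders and that `User` is the directive the `root` substitution fills in.

```shell
#!/bin/bash
# Added example: audit a clamd.conf after the sed edits. Names are hypothetical.
# Prints one FAIL line per problem; returns 0 if clean, 1 if not, 2 if unreadable.
check_clamd_conf() {
    local conf="$1" problems=0 key want got
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 2; }

    # A leftover "Example" line makes clamd refuse to start.
    if grep -Eq '^[[:space:]]*Example([[:space:]]|$)' "$conf"; then
        echo "FAIL: Example line still present"
        problems=$((problems + 1))
    fi
    # Assumed template placeholders; one left in an active line means a
    # substitution did not match.
    if grep -Ev '^[[:space:]]*#' "$conf" | grep -Eq '<(USER|SERVICE)>'; then
        echo "FAIL: template placeholder left in an active line"
        problems=$((problems + 1))
    fi
    # Active directives and expected values ("*" accepts any non-empty value).
    while read -r key want; do
        got=$(awk -v k="$key" '$1 == k { print $2; exit }' "$conf")
        if [ -z "$got" ] || { [ "$want" != "*" ] && [ "$got" != "$want" ]; }; then
            echo "FAIL: $key is '${got:-unset}', expected '$want'"
            problems=$((problems + 1))
        fi
    done <<'EOF'
User root
LocalSocket /var/run/clamav/clamd.sock
SelfCheck 86400
LogFile *
EOF
    [ "$problems" -eq 0 ] && echo "OK: $conf"
    return "$(( problems > 0 ))"
}

# Constructed sample of a correctly edited config, for trying the check offline.
write_sample_conf() {
    printf '%s\n' '# constructed sample, not a real clamd.conf' \
        'LogFile /var/log/clamd.log' \
        'LocalSocket /var/run/clamav/clamd.sock' \
        'User root' \
        'SelfCheck 86400' > "$1"
}
```

Run it as `check_clamd_conf /etc/clamd.d/clamd.conf` before starting clamd.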
That’s all 🙂
Eli.