With hackers constantly innovating new types of malware to target servers with, website owners (and their hosting providers) need to stay on top of the latest anti-malware tools. cPanel offers a few basic protection options, but for many websites, that’s not enough.
Three of the industry leading anti-malware products are ConfigServer eXploit Scanner (CXS), Imunify360, and Maldet. At CanSpace Solutions we use all three, and can install them on the Virtual Private Server or Dedicated Server of any client. But if you’re trying to decide between them, here’s an overview of their similarities and differences.
ConfigServer eXploit Scanner (CXS)
In its most basic form, ConfigServer eXploit Scanner (CXS) automatically scans files as they are uploaded to the server. From there, it deletes or quarantines any suspicious files before they become active. It also prevents the uploading of PHP and perl shell scripts, which can be used to launch attacks or send spam.
The tool also offers on-demand scanning, including scans of existing user data to see if exploits have been uploaded in the past or via methods not covered by the active scanning.
The tool boasts “over 4000 known current exploit script fingerprint matches” on top of baseline protection via ClamAV, and regular expression pattern matching that is meant to catch novel scripts.
Imunify360
By most accounts, Imunify360 offers a very similar level of malware protection as CXS. However, the presence of a Web Graphic User Interface makes it a bit more friendly than the old-school CXS. If you’re intimidated by a script-only type tool, Imunify360 might be the “slicker” solution you’re looking for.
The tool also tries to cover even more bases, providing
- Antivirus
- Firewall
- WAF
- PHP Security Layer
- Patch Management
- Domain Reputation
Maldet
More fully known as Linux Malware Detect, Maldet uses data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection based on these. Users can also submit malware they’ve caught to add it to the database.
Notably, Maldet is open source and completely free. It does not have a real-time scanning and active protection from uploads in real time like the paid options above.
With all that being said, you don’t necessarily have to choose just one of these tools. Many people combine CSX or Immunify with Maldet for some redundancy and extra coverage.
If you need some advice on which security solution to do for your server, we are here to help! Reach out to us to tell us about your needs, and we’ll give you our recommendation.
