Whitelist HetrixTools in CSF

Download the latest IPs

wget -O hetrixtools.txt https://hetrixtools.com/resources/uptime-monitor-ips.txt

Display the latest IPs

awk '{print "csf -a",$2, $1}' hetrixtools.txt | sort -r

which will return something like

csf -a wk5-1.hetrixtools.com
csf -a wk9.hetrixtools.com
csf -a wk8.hetrixtools.com
csf -a wk5.hetrixtools.com
csf -a wk4.hetrixtools.com
csf -a wk2-1.hetrixtools.com
csf -a wk1-2.hetrixtools.com
csf -a wk6.hetrixtools.com
csf -a wk1-1.hetrixtools.com
csf -a wk1.hetrixtools.com
csf -a wk10.hetrixtools.com
csf -a wk3-1.hetrixtools.com
csf -a wk3.hetrixtools.com
csf -a wk11.hetrixtools.com
csf -a wk12.hetrixtools.com
csf -a wk3-2.hetrixtools.com
csf -a wk4-1.hetrixtools.com
csf -a wk6-1.hetrixtools.com
csf -a wk5-2.hetrixtools.com
csf -a wk2.hetrixtools.com
csf -a wk7.hetrixtools.com

You can then run the commands in SSH to add the monitoring IPs to CSF whitelist.

Install Imunify360

wget http://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh
bash i360deploy.sh --key

yum update imunify360-firewall --enablerepo=imunify360-testing

Use both Comodo and Imunify360 rules

Set LF_MODSEC variable to “0” in CSF config.

If you have trouble with Imunify360 and would just like to temporarily disable it:

systemctl stop imunify360
systemctl stop imunify360-captcha
systemctl disable imunify360

If you Imunify360 services are stopped and you would like to have them running again:

systemctl start imunify360
systemctl start imunify360-captcha
systemctl enable imunify360

If you would like support from CloudLinux (developers of Imunufy360), add the following SSH key to your server, as well as whitelist their IPs in your firewall

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAgEA0kzTrtnpG3awsKlQRzo8tLzG0Rb93XO6plRtFsVmAtqyuk1nfwC36ISL+AT2+r4+xuZiK8taVgbPVDU/+dHD3ObMQPIvIZOvQWGZH0zZApeXfbKD3DaLfh5aQeI9kbeo3cGQufFIxTkSLVXHTmjISf3gggP7m17hI4jxiu5Gaw/lNwlrQtsBgyEsF4+Y5jSOn1fMkx+R//8ul6L97EBEIGA9Pzcy4tHtTCNxfAGOmUmx8ijnieqNb95wxU5hrhirmWbICeMkgECEsIOPkweWoBNmrVxAigSQuM0uJZeFl5x2I5KaocmXbpeswDCWjGCtEDjcY9WqBSGehuUxArZvGEcaeJ+AM+xIlr0yPTx+3y4JsN/hluzRX9vbuzBZxhctP0BALu8uXKjYvJr9STU0umNZrRHBBQKCIF16FPwcJ7d+H4KYFvxOiVTDKtIZJ5gCtp/nUtVeQFUPEwgirgypP4hv3gkE73A+2vl3lwZ1p2YBmzzbAOpeXDtDFNSpK6Kfa7ujK70ouM0EDptPe/aGJMuDet7RGlnn/zQdpXrCLpUZSVrsTFjN+NZ6uTah5r5QsOhTpL1IoD+FrW9ovgr6KwtM6rl/XKzrzmbnQGaGQY5h5Kan2a0Y24eIXm5MnncOgwZZUCpT7SV2b7cjASf5xMfU87Ihe3c/Vmi33pblD8E= [email protected] # CloudLinux # CloudLinux

Install Engintron


cd /; rm -f engintron.sh; wget --no-check-certificate https://raw.githubusercontent.com/engintron/engintron/master/engintron.sh; bash engintron.sh install

a) If your server has a single shared IP ONLY and you wish to use CloudFlare for any (or all) of your sites
# you will have to specify this shared IP address below otherwise you'll get errors from CloudFlare.
# This change will simply tell Nginx to skip DNS resolving and simply forward traffic to the shared IP.
# Uncomment the following line if all your sites on the shared (main) IP of your server are on CloudFlare:
set $PROXY_DOMAIN_OR_IP "xx.xx.xxx.xxx"; # Use your cPanel's shared IP address here


bash /engintron.sh remove

Install SiteMush

wget -N http://files.sitemush.com/install.sh
chmod 755 install.sh

/usr/local/cpanel/bin/unregister_cpanelplugin /usr/local/sitemush/panels/cpanel/sitemush.cpanelplugin;
rm -rf /etc/cron.d/sitemush;
rm -rf /usr/local/cpanel/whostmgr/cgi/sitemush;
rm -rf /usr/local/sitemush;
rm -rf /usr/local/cpanel/whostmgr/cgi/addon_sitemush.php;
rm -rf /usr/local/cpanel/whostmgr/cgi/addon_sitemush.cgi
rm -rf /usr/local/cpanel/base/frontend/x3/dynamicui/dynamicui_sitemush.conf;
rm -rf /usr/local/cpanel/base/frontend/paper_lantern/dynamicui/dynamicui_sitemush.conf;

Enable mod_lsapi

1) yum install liblsapi liblsapi-devel mod_lsapi
2) /usr/bin/switch_mod_lsapi --setup
a)# Enable for a single domain:
/usr/bin/switch_mod_lsapi --enable-domain [domain]
b)# or globally
switch_mod_lsapi --enable-global
4) service httpd restart
5) switch_mod_lsapi --build-native-lsphp

You can check if mod_lsapi is loaded by running:
httpd -M| grep lsapi
lsapi_module (shared)

/usr/bin/switch_mod_lsapi --uninstall

Note: CloudLinux will need to already be installed for this to work.