Skip to main content

Knowledge base

ImunifyAV antivirus for ISPmanager control panel

ImunifyAV is a website antivirus developed by Revisium team to find and cure any malicious script in just a single click.

It supports WordPress, Joomla!, Magento, Drupal, MODx, Bitrix, other php CMS, and static html websites as well.

Its former name is Revisium Antivirus (before version 5.182)

  1. Installing the antivirus 
  2. Buying the license 
  3. Configuring the system 
  4. Manual checking for viruses 
  5. Curing the threats discovered 
  6. Checking domains for sanctions 

Before installing, please make sure that:

  • Your ISPmanager is updated to the latest version,
  • The use of the putenv and passthru functions is allowed for PHP 7.1.  Go to the PHP Settings section — select PHP version 7.1 — Advanced Settings and make sure that «putenv» and «passthru» are missing in the «disable_functions» variable. 

Important! When installing the antivirus, the PHP 7.1 version with the ioncube, posix, intl, json extensions will be installed automatically.

Type of licensing:

  • Free version.
  • Premium version.

 

Free version   

Premium version

Manually starting file checking

+

+

Checking domains reputation 

+

+

Report on threats found

+

+

File curing

-

+

Sending a report on threats found by email

-

+

Configuring resources consumption

-

+

Checking for blocks in more than 50 antivirus databases     

-

+

Configuring a schedule for checks

-

+

Cancellation of the performed treatment

-

+

Storing source files after performing a treatment

-

+

Manually checking of a separate user or website

-

+

 

Installing the antivirus

In ISPmanager 6, ImunifyAV is available by default. You can install or delete it in the Modules section.

Buying the license

You can purchase the premium version of ImunifyAV antivirus (ex. Revisium) in two ways:  in the ISPmanager panel or directly through your personal account at my.ispserver.ae.

In ISPmanager panel::

  1. Go to the Modules section;
  2. In the Antiviruses section find ImunifyAV (ex. Revisium) and click on the Buy button. 
  1. Enter the login and password of your personal account and click Buy.
  1. You'll be redirected to the shopping cart, click the Pay button there.
  1. Select the payment method and press Pay.
  2. Go back to ISPmanager. If the service is enabled successfully, you will see the message: The service is ready for use.

 

In your personal account at my.ispserver.ae:

  1. In your Client Area, open the Products section — ISPsystem Modules and click on the Order button.
  1. Select ImunifyAV antivirus (ex-Revisium Antivirus) and click Order.
  1. Enter the License ID of your ISPmanager. You can find it in your ISPmanager panel by pressing the About program button in the Help section.
  1. Enable auto-renewal if necessary and click To shopping cart.
  1. Go to the Shopping Cart, click the Pay button.
  1. Choose a convenient payment method and pay.
  2. Go back to ISPmanager. If the service is enabled successfully, you will see the message: The service is ready for use.

Configuring the system

To configure the antivirus:

  1. Go to the Antivirus section — press on the Settings button.
  1. Configure the types of files to be scanned:
    1. For a quick check, enable the Express check option. Scanning will be performed only for files with ph*, html*, js, txt, tpl extensions and other critical files. At the same time, the scanning time and the load on the server will be reduced significantly.
    2. For a full check, disable the Express check option. Please note that the scanning may take a long time. To exclude files with media format and document extensions from scanning, enable the Do not scan media files option. To verify the selected files from the cache directories, enable the Optimize by speed option. It will reduce the scanning time significantly without compromising the quality of security threats identifying.
  2. Specify how many scanning threads are allowed at the same time. Threads run parallel to each other. Available values are: «1», «2», «4». Optimal value: 0.5*number of CPU cores. If your server has two or one processor core, the optimal value will be «1» thread.
  3. Specify the maximum amount of RAM allowed per thread. It defines the amount of RAM for a single thread. Available values: «256Mb», «384Mb», «512Mb», «1024Mb».
  4. Select the Logging Level to change the level of detalization of messages in the log. Available values are: «Normal», «Full».
  5. Select Maximum scan time per website. It determines the time after which the website scanning stops. Available values are: «1 hour», «3 hours», «12 hours», «24 hours», «Unlimited».
  6. Enable the Check domain for sanctions option to check if your websites and their IPs are on the black lists. 
  7. Enable the Auto-update antivirus databases option to keep ImunifyAV databases updated.
  8. Configuring automatic scanning:
    1. In the Scheduled Scan field, select the time interval after which the scan will be started. In the free version only two values are available: «Disabled» and «Once a month». In the paid version, you can choose from four options: «Disabled», «Daily», «Once a week», «Once a month».
    2. Select the exact time when the automatic scan starts in the "Run scan at" field.
    3. Enable the Notify about viruses by email option to receive notifications when viruses are detected. Enter your email address for notifications.
    4. If you want to use an external server to send notifications instead of the standard one, enable the Use external SMTP option. Enter the credentials for connecting to the SMTP server. SMTP server is an address of an external server. SMTP user is a login for authorization. SMTP password for authorization. SMTP port for connection. Enable the Use SSL for SMTP option to use the SSL protocol to connect to an external server. An SSL connection is required, for example, to send notifications via an smtp server. The field is available when the option is enabled.
  9. Configure banners displaying:
    1. Enable the Site Infection Banner option so that ISPmanager notifies you if viruses are found during a scan.
    2. Enable the Unconfigured notifications banner option so that ISPmanager notifies if the virus notification via email is not configured.
  10. Specify the period of storing the original versions of files after the site's treatment in the Store copies of cured files (days) section. This option is only available in the paid version. Available options are: «7», «14», «30».
  11. Enable the "Reset malicious file" to treat files safely instead of deleting them. It guarantees the site's operability after automatic treatment for those cases when malicious code is connected to another file or database via include. This option is only available in the paid version.

Manual checking for viruses

ImunifyAV antivirus has two scanning modes: by users and by domains. The mode can be changed by pressing the corresponding button: By domains or By users.

Scanning by users:

This mode allows you to check the files of a specific user for viruses. All system files of this user and files of his websites will be checked. You can run a scan on all users at once or check them selectively. You can also interrupt the scan if necessary.

  1. To run a scan, go to the Antivirus section.
  2. Select the user you would like to scan for viruses and click on the Scan button. You can also scan all users for viruses with the Scan all button.

Scanning by domains:

This mode allows you to check the files of a specific website for viruses. Only the website files will be checked, the users' system files won't be affected. You can run a scan on all websites at once or check them selectively. You can also interrupt the scan if necessary.

  1. To run a scan, go to the Antivirus section.
  2. Select the website you would like to scan for viruses and click on the Scan button. You can also scan all websites for viruses with the Scan all button.

Curing the threats discovered

When scanning is completed, you will receive a report on the status of websites or users. If a user of a website is infected it will be marked as "infected" with the number of threats found in the status column. The premium version of the antivirus allows you to perform automatic treatment of detected threats. 

  1. Select an infected user or website
  2. Click on the Cleanup button to cure all threats automatically.

Sometimes not all threats can be cleaned up. In this case:

  1. Go to the list of discovered threats by clicking on the Report button.
  1. The status field will describe the reason why a file cannot be cured for every untreated threat.

Treatment cancellation: 

Before treating infected files, the antivirus creates a backup copy of them. So if your website stops working correctly after the treatment, these copies will allow you to undo the changes made and discover the causes of the problems you faced. The antivirus allows you to roll back the changes for the entire user/domain, or for separate files.

If you want to cancel the treatment of a user or a website:

  1. Select the website or user where you want to cancel the treatment.
  2. Click on the Restore button.

To cancel the treatment of a specific file:

  1. Select the website or user where you want to cancel the treatment.
  2. Click on the Report button.
  1. Select the file you want to restore to its original state and click on the Restore Files button.

Copies of files made before starting the treatment are stored in a temporary directory /usr/local/mgr5/var/raisp_data/backups/

Checking domains for sanctions

The antivirus can check domains' reputation automatically during the check if this option is enabled in the settings. Domains' reputation is checked in accordance with the «black lists» of Google, Yandex, Roskomnadzor, more than 50 other antivirus services, and phishing pages lists.

Return to category