ConfigServer eXploit Scanner (cxs) is a new tool from the developers of csf that performs active scanning of files as they are uploaded to the server.
Active scanning is performed on all text files uploaded through:
PHP upload scripts (via a mod_security or suhosin hook)
Perl upload scripts (via a mod_security hook)
CGI upload scripts (via a mod_security hook)
Any other script type that utilizes the HTML form ENCTYPE multipart/form-data (via a mod_security hook)
The active scanning of uploaded files can help prevent exploitation of an account by malware by deleting or moving suspicious files to quarantine before they become active. This includes recent exploits such as the Dark Mailer spamming script and the Gumblar Virus.
cxs also allows you to perform on-demand scanning of files, directories and user accounts for suspected exploits, viruses and suspicious resources (files, directories, symlinks, sockets). It has been tuned for performance and scalability.
Included with the cxs Command Line Interface (CLI) is a web-based User Interface (UI) to help:
Schedule and Edit scans via CRON
Compose CLI scan commands
View, Delete and Restore files from Quarantine
Set and Edit default values for scans
Edit commonly used cxs files
cxs is currently a cPanel only product and is licensed on a per server basis at $50/server. Volume license pricing is available.
cxs is a commercial product that is sold and licensed on a per server basis. Unlike competing products, it is strictly a one-time per server license purchase with updates for the life of the product, all at a reasonable price! We can perform a single installation per cxs license for you without additional charge.