ConfigServer eXploit Scanner (cxs) is a tool from configserver that performs active scanning of files as they are uploaded to the server along with the files already exist on the server.
This is one of the best security tool for your server and thus you should install it on your CWP (Control WebPanel) server to prevent the dangerous scripts to be uploaded on your server.
In this tutorial, I will show you how to install and configure CXS software on your CWP server.
- Control WebPanel (formerly known as Centtos WebPanel) Installed on Server
- root server login
- Active CXS license for your server IP
Step 1 - Downloading and Installation of CXS from official site
Login to your server SSH using any SSH client e.g. Putty as a root user and perform following commands
cd /usr/src rm -f cxs* wget https://download.configserver.com/cxsinstaller.tgz tar -xzf cxsinstaller.tgz chattr -i -R /usr/local/cwpsrv/htdocs/admin/ perl cxsinstaller.pl ipv4 rm -fv cxsinstaller.*
Don’t forget to replace “ipv4” with your licensed server IP.
Step 2 - Adding clamd socket to cxs config for the scanner
sed -i '$ a clamdsock=/var/run/clamd.amavisd/clamd.sock' /etc/cxs/cxs.defaults
You may get following issue while performing the above command
sed: can’t read /etc/cxs/cxs.defaults: No such file or directory
It means that you don’t have file /etc/cxs/cxs.defaults. Actually, this exists but disabled as /etc/cxs/cxs.defaults
So, use following command to fix this issue
cd /etc/cxs mv cxs.defaults.sample cxs.defaults
Once this has been done, then try to perform above command again.
After installation of CXS, go to CWP-admin > Configserver Scripts >> ConfigServer Exploit Scanner and go through onscreen instructions and complete the installation (Default Settings are recommended)
If CXS gui ask for clamd scanner socket, run the `Step 2` command again and restart cxswatch service with the command given below
service cxswatch restart
If you encounter any issue during this process, leave the comment below or send an email at email@example.com