cPGuard integration work in progress: Page 3 - Enhance Control Panel

cPGuard integration work in progress

george

MediaServe Do you know when they will Implement WAF on the Apache web server?

MediaServe

george When Enhance supports ModSecurity for Apache. Once that happens, within the cPGuard portal you should be able to enable the WAF for an Apache server.

opsshield

george
Hello George, Thank you for using cPGuard for your existing servers. Kindly note that the missing WAF in Apache is not a limitation in cPGuard rather it is because of missing ModSec module like @MediaServe mentioned. We can quickly enable WAF for Apache once ModSec is enabled in Apache.

Nick

Will cPGuard be integrated in the Enhance UI?

kyzoeadmin

That would be great, but for now it is standalone, you have to login in a separate subdomain at cpguard.

opsshield

Hello Nick, Right now all our admin side management is managed through our app portal service..so there is no integrated UI is for any control panels including Enhance....but for cPanel and DA we have a local UI for user-level access. That is something we can consider if Enhance can support plugins. Along with that, we have a new product releasing soon called "cPGuard Lite" with integrated UI and we will try to add a local UI for Enhance as well if it is possible. Initially, it will support only cPnnel and we will add more panel support gradually.

kyzoeadmin

opsshield i use it now for less than a month, in trial but i seem to get reasonable many false positives and reporting does not work, as i do not get a email when the scanner find something. That makes it sometimes difficult to notice what is going on offcourse there is the panel but a mail would so much more convient...

MediaServe

kyzoeadmin What sort of false positives to you get? I rarely see them. I did have a malware false positive that was a bit of a trouble spot 2-3 months ago affecting WordPress users. It was related to a particular file in a particular theme as I recall, and I had to restore it from the affected accounts. Not a big deal but some bulk restoration options among dozens of servers could be a big help (I've asked for that.)

I'd be happy to provide whatever assistance I can on false positives, and as long as clients on either cPanel or Enhance has proper email address they should receive notifications. Anyway I think false positives probably affect any security system. The thing about them is being sure that your false positives from a security system don't exceed your actual problems without it.

BTW I generally enable ALL the waf options, use IPDB, bad blocker list, etc and I should have false positives for then I've experienced.

kyzoeadmin

Today a file in WooCommerce payments is marked as {CPG}.php.pnbbankphish.001 when i open de file in the original download and compare it with the hosted file in: wp-content/plugins/woocommerce-payments/dist/index.js it is exactly the same as the file reported even the CRC is correct.

I understand that CPguard scans for some pieces of code and flags a file. But this gives me a lot of false positives.

josedieguez

kyzoeadmin test it for a while with just email report, and not doing automated actions.

we are using cpguard on 4 servers as of now (with Cpanel/DA, around 1200-1500 accounts) and we have reported 3 or 4 false positives to them, all of the rest seems legit.

kyzoeadmin

josedieguez the issue is i don't get email report, i don't do any automated actions at all. I will report them.

josedieguez

kyzoeadmin

That's odd, we do get the reports

opsshield

kyzoeadmin The mentioned file false positive is already received. The file got some recent updates and it was triggering one of our virus rules. We released an update in 12 hrs after we received the first report.

Regarding email notifications, we used to relay the local server for email notifications, and we were told that having a local email service is not recommended in Enhance systems. In case you do not get email reports, you do not have local email service. So the latest version of cPGuard ( released last week...we may have another version update in 24 hrs ) comes with an option to configure SMTP AUTH to send email notifications. So you can go to Settings >> Notifications and configure SMTP AUTH to receive email notifications. We are also planning for Slack type webhooks for notifications but no ETA yet for that.

kyzoeadmin

opsshield Thanks very much !!

badboybackagain

opsshield Are you guys releasing an integration with cpguard lite & enhance?

opsshield

badboybackagain Not in our plans yet because the Lite version requires local UI and Enhance does not provide us an option to register the plugin from our side. Considering the current roadmap, I am not sure whether they will consider creating a UI option for us this year.

opsshield

badboybackagain Just an update ....we will be releasing cPGuard Lite with an upgraded CLI tool. So you can use cPGuard on enhance servers just like ClamAV and can manage everything using CLI. Still no plan for UI integration as there is no option for us.

kyzoeadmin

opsshield DO you have a spot to submit feature requests. We use CPguard now on two servers, but it would be great to have the username in the emails you send out.

opsshield

kyzoeadmin Please reach our support desk...we will review it and include the feature in one of the upcoming releases.

MediaServe

kyzoeadmin And here's the link:

https://manage.opsshield.com/plugin/support_manager/client_tickets/add/2/

« Previous Page Next Page »