ConfigServer eXploit Scanner is a tool to perform active scanning of files which are uploaded to the server.
CXS is installed on all cPanel servers easily through which we will get alerted if any file uploaded to our server. Also, we can manage CXS via WHM GUI easily just like CSF management.
CXS will frequently scan our servers and if anything found as suspicious then it will email us with the details such as IP of the user from where they upload, Web upload script user, Web upload script owner, Web upload script path, Web upload script URL, and also if we can configure CSX to quarantine if any suspicious file uploads occur then it will automatically quarantine those files to quarantine location which can be mentioned during installation. CXS will detect any malware and remove them from our cPanel server. If you need to make your server malware free, CXS is a great tool which will frequently scan your server and remove malware if any. The live scanning ability of CXS and the very large exploit database of known malware makes it a must have feature on cPanel server to protect against malware attacks. Let’s discuss some of features of CXS:
1) Actively scans all modified files within user accounts
2) PHP upload scripts (via a ModSecurity hook)
3) Perl upload scripts (via a ModSecurity hook)
4) CGI upload scripts (via a ModSecurity hook)
5) Any other web script type that utilizes the HTML form ENCTYPE multipart/form-data (via a ModSecurity hook)
6) Pure-ftpd uploads