ClamAV vs Immunify

swbrains

• June 01, 2020 15:53

I recently upgraded cPanel and received Immunify AV. It looks like my server has ClamAV running on it currently but I enabled Immunify when it prompted me to upon WHM login. Is is necessary to run both? Do they scan different things? Thanks for any guidance or advice anyone can provide!

• 

  cPanelLauren

  • June 02, 2020 20:53

  Immunify actually uses (or used previously) ClamAV for some items at one point, though I believe they've almost removed it from the product completely, it's perfectly fine to have them both, they may have different virus signatures in their databases. The only impact you might see though is increased load.

  0
• 

  swbrains

  • June 02, 2020 21:02

  Ok, thanks. Sounds like there is some overlap with them, and it's not as if they are doing completely different types of scans. I'd like to disable one since I am trying to keep my server load where it is. :)

  0
• 

  swbrains

  • June 03, 2020 14:29

  I noticed this morning that my server's backup routine is running during daytime hours, while it usually ran overnight. My guess is that Immunify is running overnight now and perhaps "pushing" the backup to run at a lower-load time, which happens to be later in the morning. Where in WHM do I disable Immunify if I want to test this theory?

  0
• 

  swbrains

  • June 03, 2020 14:42

  Nevermind -- I found it in WHM. I was searching for "Immunify" and just realized it's called "Imunify" with one "m". :)

  0
• 

  swbrains

  • June 03, 2020 14:51

  Ok, I'm back with a new question! :) I found the config page for Imunify and set it to "Never" scan, which I assume is how you disable it. Yet I am currently seeing "defence360agent.run " in my process listing and it's using a fair amount of CPU. Googling this item indicates it's part of Imunify. Apparently, I haven't disabled all of it. Any ideas to completely disable all of the Imunify processes? Or perhaps to just uninstall it?

  0
• 

  cPanelLauren

  • June 03, 2020 17:30

  I was just going to say you can disable scanning in the background by setting it to never but you can also just stop imunify systemctl stop imunify-antivirus
  Then restart it when you're ready: systemctl start imunify-antivirus
  Which stops the agent from running

  0
• 

  swbrains

  • June 03, 2020 18:02

  Will this stop the service from restarting automatically if the server is rebooted? Or is it best to simply uninstall to ensure it doesn't run in the future?

  0
• 

  swbrains

  • June 05, 2020 19:45

  Thanks!

  0
• 

  Kent Brockman

  • June 08, 2020 19:03

  I was just going to say you can disable scanning in the background by setting it to never but you can also just stop imunify systemctl stop imunify-antivirus
  Which stops the agent from running

  
  Will cPanel add an entry to control Imunify from WHM's Service Manager? I think you should, guys. Regards

  0
• 

  Kent Brockman

  • June 08, 2020 19:05

  Also... not having the threats reports being emailed to the server admin email, makes it really useless and hence, not willing to purchase it.

  0
• 

  CloudLinux Skhristich

  • June 16, 2020 13:11

  Hello, You can leave the antivirus that suits you preferred, they do about the same thing, but AV+ has more features, you can find them here Imunify360 - ImunifyAV Thank you

  0

Please sign in to leave a comment.