Knowledgebase

The IQ Hosting team has developed a custom ImunifyAV Webmin Module that seamlessly integrates the standalone ImunifyAV(+) interface directly into Webmin. This allows you to manage malware scans, notifications, and protection features from one place—without switching between dashboards or using separate credentials.

Main Features

• UI Integration: Securely embeds the ImunifyAV(+) web interface inside Webmin via iframe.
• Token-Based Login: No credentials required; uses auto-refreshing authentication tokens.
• Enhanced Security: Access is restricted to the root IP address for better protection.
• Real-Time Notifications: Built-in Telegram and Email alerts for scan events and malware detection.
• Free & Open Source: Works natively with Webmin and Virtualmin with no extra costs.

Installing ImunifyAV(+)

Prerequisites

1. Review the official ImunifyAV Standalone documentation first to understand the installation requirements and options — but do not run the installation yet:
   ImunifyAV Standalone Documentation
   Note: You must configure the integration.conf file before running the installation to avoid setup errors.
2. Create the configuration directory:
   mkdir -p /etc/sysconfig/imunify360
3. Create the integration configuration file:
   nano /etc/sysconfig/imunify360/integration.conf

   Add the following configuration:

   [paths]
   ui_path = /home/._hostname/public_html/imunifyav
   ui_path_owner = _hostname:_hostname
   
   [pam]
   service_name = system-auth
   Important Note: Webmin automatically creates a user named ._hostname when SSL is enabled for the hostname. The subdirectory name must be exactly imunifyav.
4. Install ImunifyAV:
   wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.sh -O imav-deploy.sh
   bash imav-deploy.sh

Installing the Webmin Module

1. Download the module package from GitHub:
   imunifyav.wbm.gz
2. In Webmin, go to:
   Webmin Configuration → Webmin Modules
3. Select From uploaded file, upload the imunifyav.wbm.gz file, and click Install Module.
4. Once installed, open the ImunifyAV Manager module from the System section in Webmin.
5. On first access, click Enable CSP to activate Content Security Policy.

Configuring Notifications

The module supports notifications via Telegram and Email for the following events:

• User scan started
• Custom scan started
• User scan malware detected
• Custom scan malware detected

Setup Steps

1. Open the ImunifyAV Manager module from Webmin
2. Go to the Notification Settings tab
3. To enable Telegram:
   • Enable Telegram option
   • Enter Bot Token (get it from @BotFather)
   • Enter Chat ID (get it from @userinfobot)
4. To enable Email:
   • Enable Email option
   • Enter recipient email address
5. Click Save Settings
6. In the ImunifyAV Event Hooks section, click Enable Notifications
7. The ImunifyAV service will restart automatically

Required Dependencies

To ensure notifications work properly, install the following Perl modules:

Security and Best Practices

• Authentication is handled through short-lived tokens, not plain passwords.
• The iframe integration is securely restricted to the root IP address.
• Content Security Policy (CSP) prevents XSS and clickjacking attacks.
• All user inputs are validated and sanitized.
• Fully compatible with Webmin and Virtualmin for unified, free, and open-source server security management.

Support and Contributions

This is the first release (v1.0.0) of the ImunifyAV Webmin Module developed by IQ Hosting. We welcome feedback and suggestions for future improvements!

• Project Repository: iq-hosting/imunifyav-webmin-module
• Report Issues: GitHub Issues
• Full Documentation: README.md