Skip to main content
Sign in

CloudLinux Knowledge Base

  1. CloudLinux
  2. Imunify Security Products
  3. Articles

Ignore files by Hash

Luis Nunez
  • Updated

Blocking malware by hash is a powerful and efficient way to protect systems from specific threats. Here are some key benefits:

High precision, minimal performance impact, and definitive identification of threats.

Environment

  • Imunify360

Solution

Getting Started

To implement the new hash-based ignore list:

  1. Create or edit the file /etc/imunify360/malware-ignore-hashes.txt
  2. Add SHA256 hashes of files you want to exclude from scanning
  3. Use comments to maintain clear documentation of your exclusions
  4. Optionally configure the UI to hide path-based ignore list management
  5. Deploy the configuration across your servers using your preferred management tools

For detailed implementation guidance and best practices, please refer to our technical documentation or contact our support team.

How It Works

The system uses a file located at /etc/imunify360/malware-ignore-hashes.txt. The format is straightforward—one SHA256 hash per line, with optional comments for better organization. For example:

# PHP file managers
f157c3ede78333087829cdd211c55822e635d6c419606c3675bc8201b556bc9f                                         # Adminer
dcfd0433dc46bd82ec5aa7c9998b4ae7087731a45d3a443e3724da7aabe1e4c5

Also, you can control the visibility of path-based ignore list UI management using a simple configuration option:

imunify360-agent config update '{"PERMISSIONS": {"allow_local_malware_ignore_list_management": true}}'

 

Useful links

https://blog.imunify360.com/hash-based-ignore-lists-new-feature-in-imunify360 

Comments

0 comments

Article is closed for comments.

Related articles