Sometimes it is needed to install Imunify360 on several servers with identical configurations or copy existing configs to other servers. Here you can find the list of steps on how to clone the installation of Imunify360 for several servers with identical configurations.

Step 1. Installation

Step 2. Cloning config files

Step 3. Whitelists / Blacklists / Blocked Ports

Step 4. Features re-installation

Step 5. Setup backup system

Step 1. Installation

Firstly, Imunify360's usual installation comes. All necessary changes including integration with 3rd party components will be applied during installation & agent startup. See the manual for details.

Step 2. Cloning config files

Secondly, copy the following files from the existing installation.

•  /etc/sysconfig/imunify360/imunify360.config.d/*
•  /usr/share/i360-php-opts/module.ini
•  /usr/share/i360-php-opts/rules_whitelist (if it exists)
•  /etc/pam_imunify/i360.ini
• /var/i360_pam_imunify/users/users.txt (if it exists)
• /etc/sysconfig/imunify360/hooks.yaml

The `scp` command can be used for it, e.g.:

# scp /etc/sysconfig/imunify360/imunify360.config.d/* root@example.com:/etc/sysconfig/imunify360/imunify360.config.d/

Where example.com is the target server.

In order to apply notifications (Hooks) settings on the target system, run:

# systemctl restart imunify-notifier

All required settings will be picked up and applied automatically. It is also important to mention, that other files in /var/imunify360 should be managed by Imunify, also including Independent Agent ID /var/imunify360/iaid.

Step 3. Whitelists / Blacklists / Blocked Ports

Whitelist and blacklist entries that are distributed as files can be found at /etc/imunify360/whitelist/*.txt and /etc/imunify360/blacklist/*.txt (see the manual for details).

If you want to export local Imunify360 firewall entries and then import them into a new Imunify360 instance, use the following CLI command on a source server:

# imunify360-agent blacklist ip list --limit 999999 | tail -n +2 | awk '{print $1}' > blacklist.txt
# imunify360-agent blacklist country list --limit 999 | tail -n +2 | awk '{print $2}' > blacklist-c.txt

(see the manual for details)

# imunify360-agent whitelist ip list --limit 999999 | tail -n +2 | awk '{print $1}' > whitelist.txt

(see the manual for details)

Note: there is no need to migrate blocked ports configuration since it is already defined in imunify360.config

Copy the blacklist.txt, blacklist-c.txt, and whitelist.txt files to a target server. Execute the following commands to import lists:

# cat blacklist.txt | xargs imunify360-agent blacklist ip add
# cat blacklist-c.txt | xargs imunify360-agent blacklist country add
# cat whitelist.txt | xargs imunify360-agent whitelist ip add

Step 4. Features re-installation

You need to re-setup features from the original server which you’re using. There are few available features:

• kernelcare
• hardened-php
• invisible-captcha

To evaluate installed features do the following:

# imunify360-agent features status kernelcare
# imunify360-agent features status hardened-php
# imunify360-agent features status invisible-captcha

Once you get the list of needed features you can install them one by one:

# imunify360-agent features install <feature-name>

Step 5. Setup backup system

• In case if you’ve used a backup service then you need to re-setup it in a new environment.

  Particular steps depend on the backend used for backup:

  • Use embedded backup service of a hosting panel (cPanel, Plesk, DirectAdmin):

    Copy the /etc/sysconfig/imunify360/.imunify360.backup_config file from the existing installation.

  • To use the same Acronis account:

    Copy the /var/restore_infected/acronis_api_token.json file from the existing installation.

  • All other cases:

    See the manual for details.

 That’s it.