Full stack Linux web server security

Remove malware, monitor threats, resolve issues, and deploy industry-leading security services.

Malware Scanner

Fast & powerful antivirus for your server with infected file cleanup

cPGuard is designed to be a completely automatic defense on your web hosting server against malware with its intelligent threat-detection, symbolic link, binary threats and suspicious pattern recognition.

Best in class scanner with lowest resource usage

Background services demand fewer resources and run on the smallest of servers without affecting performance or slowing down the server.

  • Smart, realtime antivirus with WordPress and CMS threat detection

    Utilizes intelligent code processing algorithms for efficient detection of viruses, malware, spyware, redirects and symlinks

  • Automatically attempt to clean infected files

    Prevent website from going down by automatically cleaning virus injections* from infected files, Wordpres, Joomla, Opencart and other CMS core files.

  • Fast custom scans, leave no stone unturned

    Ensure no file was skipped by automatically rechecking files modified in the last 24 hours/week or running manual scans.

  • Highly configurable

    Easily customise the scanner with the UI or our advanced CLI. Add additional watch directories, whitelisting users & files and add user-defined database and more

Web Application Firewall

Our ModSecurity rules are based on intelligence gathered from real-world investigations, penetration tests and research data in the REAL LIFE environment. Our rules specifically designed for PHP applications deliver advanced filtering, security, and intrusion protection.

Web Application Firewall ModSecurity rules are based on intelligence gathered from real-world investigations

Optimized ModSecurity rules

Rules for SQL injection, Cross-site scripting (XSS), local and remote file inclusion (RFI), file upload vulnerabilities, zero-day attack, web shell etc.

Optimized ModSecurity rules Rules for SQL injection, Cross-site scripting (XSS), local and remote file inclusion.

CMS vulnerability patches and fixes

Protect your WordPress, Joomla, Opencart etc from attacks exploiting the latest vulnerabilities in plugins & themes, XML-RPC attacks and other threats.

CMS vulnerability patches Protect your WordPress, Joomla, Opencart etc from attacks exploting latest vulnerabilities

Generic Apache & PHP rules

Advanced filtering, security and intrusion protection for PHP sites and applications prevents attackers from exploiting insecure code on shared hosting servers.

Generic Apache & PHP Advanced filtering, security and intrusion protection for PHP sites.

Realtime intrusion protection

Our rules act as a shield, actively seeking out and blocking threats before they reach your website, minimizing the risk of damage or compromise

Commercial ModSecurity WAF rules powered by Malware.Expert
Commercial ModSecurity WAF rules

IPDB abusive IP blacklist

A real-time list of IP addresses that have been flagged for engaging in malicious or harmful activity like Web attacks, Brute-force, Spamming, DDoS attacks, Port scanning, Malware distribution etc.
Learn more →

Realtime, Collective intelligence

Realtime, Collective intelligence

The IP blacklist leverages the strength of attack data from servers, input from our partners and 3rd parties. Our algorithms dynamically generate a real-time list of abusive IPs, scoring them based on various parameters and refining them to prevent false positives. This ensures a smooth experience for legitimate users while actively mitigating potential risks from malicious actors.

Reduced server load

Drastically reduce server load

The list acts as a pre-emptive scanner, instantly recognizing known bots, attackers & troublemakers and dropping connection with ipset/iptables at a system level, way before it reaches the web server. This proactive approach helps prevent unauthorized access attempts, DoS attacks, and other malicious activities that could otherwise place a significant burden on server resources.

Bruteforce and Bad bot protection

Create a truly integrated server environment where detection, protection, and reporting of security threats happen simultaneously and collaboratively.

Reputation management, Security & optimization tools

A suite of solutions aimed at monitoring the server's reputation, protecting against hidden threats, and optimizing the security & firewall settings on the server.

Domain Reputation

Domain Reputation checks involve assessing the safety of each domain by cross-referencing it against Google Safe Browsing.

Be notified at the earliest of malicious or compromised domains hosted on the server, thereby letting you take immediate action and prevent the reputation or SEO ranking of other domains or your shared hosting server from going down.

DNSBL IP Reputation Check

Automatic RBL monitoring checks the server IPs against the real-time DNS-based blacklists (DNSBL) and notifies the admin of blacklisted IP addresses.

Being listed on a mail blacklist often results in emails sent from the affected IP being marked as spam or rejected by email servers. This can significantly impact the deliverability of legitimate emails.

Suspicious process and Rootkit monitoring

Suspicious process checks add an extra layer of defense to your security posture by identifying and terminating hidden processes, mining processes, bots, spamming scripts and other sophisticated threats that traditional methods might miss.

Rootkits camouflage themselves deeply within your system, often bypassing traditional antivirus detections. Rootkit checks delve deeper, revealing these hidden malicious actors, including hidden processes, files, and network connections.

Easy CSF configuration

Streamline the configuration process by presenting users with an intuitive UI that prioritizes user-friendliness and efficiency, allowing you to quickly and accurately set up critical CSF settings without the need for extensive technical knowledge.

Central dashboard

View and manage all your servers from a single place

Manage all your servers from a single interface, easily switch between servers, view server details, reports, events, change settings & do bulk actions. Easily add & share the server with other users.

cPGuard central dashboard portal

Feature-rich Command Line Interface

Our command line interface (CLI) unlocks a deeper level of control to advanced users. It provides several helpful commands that enable you to use and configure cPGuard even without a user interface.

Try cpgcli --help on your server with cPGuard.

Quick and painless setup on all major control panels

You can deploy cPGuard in minutes through automated scripts, seamlessly integrating with popular platforms like cPanel, Plesk, and DirectAdmin, Enhance, Runcloud etc.

Security plugin/software for cPanel
Security plugin/software for Directadmin
Security plugin/software for Plesk
Security plugin/software for Webuzo
Security plugin/software for Webmin
Security plugin/software for Cyberpanel
Security plugin/software for Control web panel
Security plugin/software for Enhance
Security plugin/software for Interworx
Security plugin/software for Standalone
Standalone installations for linux servers

Standalone installations on Linux servers with or without a control panel
Learn more →

Puts you in control by offering support for all major Linux distributions, empowering you to choose the perfect fit.

Security software for Centos OS
Security software for RedHat OS
Security software for Cloud Lionux OS
Security software for Ubuntu OS
Security software for Rocky Linux OS
Security software for Amazon Linux2 OS
Security software for Alma Linux OS
Security software for Debian OS

Other features

Uncover the full spectrum of features within cPGuard

Automatic account suspension

Automatic account suspension

Immediate suspension upon reaching a set threat detection criteria minimizes potential damage from viruses or blacklisted domains, protects sensitive data, prevents malware propagation and full server compromise.

Block requests by countries

Block requests by countries

Incoming requests from specific countries or regions can be either allowed or denied based on your settings.

Automatic spam filtering saves time and resources

SRBL mail server RBL

Automatic spam filtering saves time and resources by preventing spam from reaching your mail server and consuming processing power.

Monitors and reports potential spamming scripts

Spam monitoring

Monitors and reports potential spamming scripts by analyzing mail queues.

Continually observes active processes, identifying and mitigating potential threats

Process monitoring

Continually observes active processes, identifying and mitigating potential threats such as malware and resource-hogging crypto-mining scripts in real time.

Wordpress wp-cron scheduling

WordPress wp-cron scheduling

Optimize the execution of wp-cron, ensuring efficient background processing, optimal resource usage and reduced overload during peak hours.

Automatically replace infected core files of popular CMS

CMS core file replacement

Automatically replace infected core files of popular CMS and plugins with clean, original versions from our CDN.

Block PHP files upload

Block PHP file upload

Implement proper file upload security measures by blocking PHP script uploads via forms in insecure code.

WordPress core file integrity checks

WordPress core file integrity checks

Regularly verifying the integrity of critical files in a WordPress installation without manual intervention. This security measure helps ensure that core files have not been tampered with or compromised, reducing website downtime.

Daily security and alert report

Daily security and alerts report

A daily security digest is a valuable tool for staying informed, proactive, and in control of your system's security. By regularly reviewing these reports, you can make informed decisions, prioritize security efforts, and ensure a safer and more secure environment for your server.

Daily scan

Ensure no file is left unchecked by automatically rechecking files modified in the last 24 hours.

Systematically reviews and rechecks files modified within the past week

Weekly scan

Systematically reviews and rechecks files modified within the past week on a system or website.