cxs FAQ

Do you offer bulk purchase discounts on cxs?

We recommend that you purchase and trial a single license of cxs to ensure that cxs is right for you. We currently offer the following discounts for subsequent purchases at our discretion:

2-4 additional licenses, 5% discount per license
5-9 additional licenses, 10% discount per license
10-19 additional licenses, 20% discount per license
20-49 additional licenses, 30% discount per license (free installation not included for bulk purchases of 20 or more licenses)
50+ additional licenses, 40% discount per license

If you have purchased licenses previously and wish to order multiple licenses, please contact us before ordering so that we can enable the correct discount level. The online store calculates the correct discount based on the number of licenses in the current order, not any past orders.

Is there an ongoing or renewal license for cxs?

No. When you purchase a license for cxs you can continue to use that license on a single server for the lifetime of the product. During that time, you will be able to upgrade cxs free of charge.

Do you install cxs?

A single initial default installation is included with purchase of cxs. This involves the installation of the product onto the server and the configuration of the application hooks (pure-ftpd and ModSecurity (if already installed)). It does not include performing a scan, interpretation of reports, or further configuration of the application specific hooks.

There is no discount if you choose to install cxs yourself.

Can I move cxs to a new server and change the IP address it is registered to?

If you are going to retire the server that you initially had cxs licensed for or you have been required to change the server's IP address, then the licensed IP address can be changed. There is a web-based system for making a limited number of IP changes per license, after which you will need to contact us to make any further changes. We do not allow IP address changes simply to move the product between different servers. A separate license for each server is required if you wish to use the product on multiple servers.

Do you offer ongoing support for cxs?

We offer 7 days of support via our helpdesk from the day your order has been processed for cxs. You can use the community support forums for questions about custom configuration of cxs.

Does cxs work on Virtuozzo / OpenVZ VPS containers?

We no longer provide support for Virtuozzo or OpenVZ servers. While the product may work on these types of containers, there may be issues that we cannot support.

Who is cxs for?

cxs has been developed for server administrators, not end-users. It is designed for server administrators to more easily see what end-users are allowing to be uploaded to their web sites. It also provides a way to scan end-user web sites to see if suspicious files have already been uploaded or created.

What level of Linux server management expertise will I need to use cxs?

cxs is foremost a command line utility that is run from the root shell via SSH, cron jobs and application specific scripts. It is aimed at server administrators, not end-users.

Will cxs prevent exploitation of my server?

It will help notify you of suspicious files that either exist or are being uploaded to the server. It can help stop exploits from being uploaded to the server. It cannot prevent all types of exploits being uploaded or run on the server.

Will cxs detect defacement of user files?

cxs is designed to detect exploit scripts, not altered web files with defacement HTML. You can, however, create your own detections using regular expressions if you want to detect that type of issue.

Will cxs clean up exploits found on my server?

cxs will help identify exploits and suspicious files that it finds on the server and report them to you. It is then your responsibility to check each reported file and establish whether it is indeed an exploit or simply a false-positive (innocent).

Will cxs report false-positives?

cxs reports various types of suspicious files, directories and other resources within the scanned structure. It will trigger false-positives as it is designed to highlight scripts and files that are typically used by exploits. Unfortunately, legitimate scripts also do these things on occasion and cxs will report them for you to decide whether the activity is innocent or not.

If they are innocent you can use the ignore file feature to exclude them from scanning in the future.

Can you interpret my reports for me and tell me what to do?

It is your responsibility to interpret reports from cxs. Documentation is provided with each that explains what each report item has identified and why.

Can cxs detect root kits installed on my server?

cxs is designed to scan web user accounts for suspicious files. While this may include the source files for root kits uploaded to those accounts, it will not detect such root kits once they are installed into the OS.

Can I use cxs to scan my entire server for exploits?

cxs is designed to scan web user accounts for suspicious files. If you were to run it on the OS directories it will identify almost every file as a false-positive.

Does cxs scan inside compressed files (e.g. tarballs, zip files, etc)?

cxs can scan inside zip, tar, tar.gz and tar.bz2 files.

Does the UI provided with cxs provide a front-end to all functions of the product?

cxs is foremost a command line utility that is run from the root shell via SSH, cron jobs and application specific scripts. The UI provides a useful interface to the common aspects of cxs allowing you to access a great deal of its functionality and documentation. However, it is not a substitute interface to the CLI.

What problems can arise from using cxs?

There are several considerations must be taken into account should you decide to implement cxs on your server:

  • Extensive scans on the server will use server resources and can impact performance. By its nature it is I/O intensive as it processes large numbers of files.
  • It could lead to a large number of emails being sent if the web server is under sustained attacks.

How many script products can cxs scan for old versions?

Currently, cxs scans for more than 200 individual applications, more than 200 WordPress plugins and more than 200 Joomla Extensions. Over 700 in total!

Do you have a Data Process Agreement for the IP Reputation System?

The Data Process Agreement for the IP Reputation System is available as an addendum to our commercial license available here.