ConfigServer Services
Server Management Services from Way to The Web Ltd

Do you offer bulk purchase discounts on cxs?

We recommend that you purchase and trial a single license of cxs to ensure that cxs is right for you. We currently offer the following discounts for subsequent purchases at our discretion:

2-4 additional licenses 5% discount per license
5-9 additional licenses 10% discount per license
10-19 additional licenses 20% discount per license
20-49 additional licenses 30% discount per license (free installation not included for bulk purchases of 20 or more licenses)
50+ additional licenses 40% discount per license

Please contact us before ordering for a direct link for the discounted price if you have made multiple license purchases in the past. The online store only calculates the correct discount based on the number of licenses in the current order, not any past orders. 

Is there an ongoing or renewal license for cxs?

No. When you purchase a license for cxs you can continue to use that license on a single server for the lifetime of the product. During that time, you will be able to upgrade cxs free of charge.

Do you install cxs?

A single initial default installation is included with purchase of cxs. This involves the installation of the product onto the server and the configuration of the application hooks (pure-ftpd and ModSecurity (if already installed)). It does not include performing a scan, interpretation of reports, or further configuration of the application specific hooks.

There is no discount if you choose to install cxs yourself.

Can I move cxs to a new server and change the IP address it is registered to?

If you are going to retire the server that you initially had cxs licensed for or you have been required to change the server's IP address, then the licensed IP address can be changed. There is a web-based system for making a limited number of IP changes per license, after which you will need to contact us to make any further changes. We do not allow IP address changes simply to move the product between different servers. A separate license for each server is required if you wish to use the product on multiple servers.

Do you offer ongoing support for cxs?

We offer 7 days of support via our helpdesk from the day your order has been processed for cxs. You can use the community support forums for questions about custom configuration of cxs.

Who is cxs for?

cxs has been developed for server administrators, not end-users. It is designed for server administrators to more easily see what end-users are allowing to be uploaded to their web sites. It also provides a way to scan end-user web sites to see if suspicious files have already been uploaded or created.

What level of Linux server management expertise will I need to use cxs?

cxs is foremost a command line utility that is run from the root shell via SSH, cron jobs and application specific scripts. It is aimed at server administrators, not end-users.

You need to be comfortable running shell commands and understanding the construction of Command Line Interface (CLI) applications.

Interpretation of the reports produced by cxs will require a basic knowledge of the Linux OS and various programming languages (especially Perl and PHP).

Will cxs prevent exploitation of my server?

No. It will help notify you of suspicious files that either exist or are being uploaded to the server. It can help stop exploits from being uploaded to the server. It cannot prevent all types of exploits being uploaded or run on the server.

Will cxs detect defacement of user files?

cxs is designed to detect exploit scripts, not altered web files with defacement HTML. You can, however, create your own detections using regular expressions if you want to detect that type of issue.

Will cxs clean up exploits found on my server?

No. cxs will help identify exploits and suspicious files that it finds on the server and report them to you. It is then your responsibility to check each reported file and establish whether it is indeed an exploit or simply a false-positive (innocent).

Will cxs report false-positives?

Yes. cxs reports various types of suspicious files, directories and other resources within the scanned structure. It will almost always trigger false-positives as it is designed to highlight constructs and activities that are typically used by exploits. Unfortunately, legitimate scripts also do these things on occasion and cxs will report them for you to decide whether the activity is innocent or not.

If they are innocent you can use the ignore file feature to exclude them from scanning in the future.

Can you interpret my reports for me and tell me what to do?

No. It is your responsibility to interpret reports from cxs. An Exploit Scanning Reference is provided with each installation in /etc/cxs/reference.txt that explains what each report item has identified and why.

Can cxs detect root kits installed on my server?

No. cxs is designed to scan web user accounts for suspicious files. While this may include the source files for root kits uploaded to those accounts, it will not detect such root kits once they are installed into the OS.

Can I use cxs to scan my entire server for exploits?

No. cxs is designed to scan web user accounts for suspicious files. If you were to run it on the OS directories it will identify almost every file as a false-positive.

Does cxs scan inside compressed files (e.g. tarballs, zip files, etc)?

Yes, cxs can scan inside zip, tar, tar.gz and tar.bz2 files.

Does the UI provided with cxs provide a front-end to all functions of the product?

No. cxs is foremost a command line utility that is run from the root shell via SSH, cron jobs and application specific scripts. The UI provides a useful interface to the common aspects of cxs allowing you to access a great deal of its functionality and documentation. However, it is not a substitute interface to the CLI.

What problems can arise from using cxs?

There are several considerations must be taken into account should you decide to implement cxs on your server:

How many script products can cxs scan for old versions?

Currently, cxs scans for more than 200 individual applications, more than 200 WordPress plugins and more than 200 Joomla Extensions. Over 700 in total!