Full stack Linux web server security

Remove malware, monitor threats, resolve issues, and deploy industry-leading security services.

Malware Scanner

Fast & powerful antivirus for your server with infected file cleanup

cPGuard is designed to be a completely automatic defense on your web hosting server against malware with its intelligent threat-detection, symbolic link, binary threats and suspicious pattern recognition.

Best in class scanner with lowest resource usage

Background services demand fewer resources and run on the smallest of servers without affecting performance or slowing down the server.

Smart, realtime antivirus with WordPress and CMS threat detection

Utilizes intelligent code processing algorithms for efficient detection of viruses, malware, spyware, redirects and symlinks
Automatically attempt to clean infected files

Prevent website from going down by automatically cleaning virus injections^* from infected files, Wordpres, Joomla, Opencart and other CMS core files.
Fast custom scans, leave no stone unturned

Ensure no file was skipped by automatically rechecking files modified in the last 24 hours/week or running manual scans.
Highly configurable

Easily customise the scanner with the UI or our advanced CLI. Add additional watch directories, whitelisting users & files and add user-defined database and more

Web Application Firewall

Our ModSecurity rules are based on intelligence gathered from real-world investigations, penetration tests and research data in the REAL LIFE environment. Our rules specifically designed for PHP applications deliver advanced filtering, security, and intrusion protection.

Optimized ModSecurity rules

Rules for SQL injection, Cross-site scripting (XSS), local and remote file inclusion (RFI), file upload vulnerabilities, zero-day attack, web shell etc.

CMS vulnerability patches and fixes

Protect your WordPress, Joomla, Opencart etc from attacks exploiting the latest vulnerabilities in plugins & themes, XML-RPC attacks and other threats.

Generic Apache & PHP rules

Advanced filtering, security and intrusion protection for PHP sites and applications prevents attackers from exploiting insecure code on shared hosting servers.

Realtime intrusion protection

Our rules act as a shield, actively seeking out and blocking threats before they reach your website, minimizing the risk of damage or compromise

Commercial ModSecurity WAF rules powered by Malware.Expert

IPDB abusive IP blacklist

A real-time list of IP addresses that have been flagged for engaging in malicious or harmful activity like Web attacks, Brute-force, Spamming, DDoS attacks, Port scanning, Malware distribution etc.
Learn more →

Realtime, Collective intelligence

The IP blacklist leverages the strength of attack data from servers, input from our partners and 3rd parties. Our algorithms dynamically generate a real-time list of abusive IPs, scoring them based on various parameters and refining them to prevent false positives. This ensures a smooth experience for legitimate users while actively mitigating potential risks from malicious actors.

Drastically reduce server load

The list acts as a pre-emptive scanner, instantly recognizing known bots, attackers & troublemakers and dropping connection with ipset/iptables at a system level, way before it reaches the web server. This proactive approach helps prevent unauthorized access attempts, DoS attacks, and other malicious activities that could otherwise place a significant burden on server resources.

Bruteforce and Bad bot protection

Create a truly integrated server environment where detection, protection, and reporting of security threats happen simultaneously and collaboratively.

Captcha protects login pages

Protect login pages, WordPress, Joomla, Opencart or other CMS admin pages and custom URLs against a wide range of automated brute force, dictionary attacks and more.

The DNS-based captcha is served by our secure, offsite server cluster thereby reducing overhead on your server from repeated bot/script attacks.

Integration with Config Server Firewall (CSF)

cPGuard works seamlessly with Config Server Firewall to automatically identify, escalate and block all network, application and protocol layer attacks launched at websites and applications.

CMS Bruteforce protection

Prevent large-scale Brute force attacks from taking down your site. An essential security feature that monitors and controls distributed attacks before they affect you.

Block bad bots and user agents

Protect your website or application from harmful automated activity or "bad bots". By blocking malicious bots, conserve server resources, bandwidth, and prevent unnecessary strain on web servers. This can lead to improved website performance and a better user experience.

Reputation management, Security & optimization tools

A suite of solutions aimed at monitoring the server's reputation, protecting against hidden threats, and optimizing the security & firewall settings on the server.

Domain Reputation

Domain Reputation checks involve assessing the safety of each domain by cross-referencing it against Google Safe Browsing.

Be notified at the earliest of malicious or compromised domains hosted on the server, thereby letting you take immediate action and prevent the reputation or SEO ranking of other domains or your shared hosting server from going down.

DNSBL IP Reputation Check

Automatic RBL monitoring checks the server IPs against the real-time DNS-based blacklists (DNSBL) and notifies the admin of blacklisted IP addresses.

Being listed on a mail blacklist often results in emails sent from the affected IP being marked as spam or rejected by email servers. This can significantly impact the deliverability of legitimate emails.

Suspicious process and Rootkit monitoring

Suspicious process checks add an extra layer of defense to your security posture by identifying and terminating hidden processes, mining processes, bots, spamming scripts and other sophisticated threats that traditional methods might miss.

Rootkits camouflage themselves deeply within your system, often bypassing traditional antivirus detections. Rootkit checks delve deeper, revealing these hidden malicious actors, including hidden processes, files, and network connections.

Easy CSF configuration

Streamline the configuration process by presenting users with an intuitive UI that prioritizes user-friendliness and efficiency, allowing you to quickly and accurately set up critical CSF settings without the need for extensive technical knowledge.

Central dashboard

View and manage all your servers from a single place

Manage all your servers from a single interface, easily switch between servers, view server details, reports, events, change settings & do bulk actions. Easily add & share the server with other users.

Feature-rich Command Line Interface

Our command line interface (CLI) unlocks a deeper level of control to advanced users. It provides several helpful commands that enable you to use and configure cPGuard even without a user interface.

Try cpgcli --help on your server with cPGuard.

Quick and painless setup on all major control panels

You can deploy cPGuard in minutes through automated scripts, seamlessly integrating with popular platforms like cPanel, Plesk, and DirectAdmin, Enhance, Runcloud etc.

Standalone installations on Linux servers with or without a control panel
Learn more →

Puts you in control by offering support for all major Linux distributions, empowering you to choose the perfect fit.

Other features

Uncover the full spectrum of features within cPGuard

Automatic account suspension

Immediate suspension upon reaching a set threat detection criteria minimizes potential damage from viruses or blacklisted domains, protects sensitive data, prevents malware propagation and full server compromise.

Block requests by countries

Incoming requests from specific countries or regions can be either allowed or denied based on your settings.

SRBL mail server RBL

Automatic spam filtering saves time and resources by preventing spam from reaching your mail server and consuming processing power.

Spam monitoring

Monitors and reports potential spamming scripts by analyzing mail queues.

Process monitoring

Continually observes active processes, identifying and mitigating potential threats such as malware and resource-hogging crypto-mining scripts in real time.

WordPress wp-cron scheduling

Optimize the execution of wp-cron, ensuring efficient background processing, optimal resource usage and reduced overload during peak hours.

CMS core file replacement

Automatically replace infected core files of popular CMS and plugins with clean, original versions from our CDN.

Block PHP file upload

Implement proper file upload security measures by blocking PHP script uploads via forms in insecure code.

WordPress core file integrity checks

Regularly verifying the integrity of critical files in a WordPress installation without manual intervention. This security measure helps ensure that core files have not been tampered with or compromised, reducing website downtime.

Daily security and alerts report

A daily security digest is a valuable tool for staying informed, proactive, and in control of your system's security. By regularly reviewing these reports, you can make informed decisions, prioritize security efforts, and ensure a safer and more secure environment for your server.

Daily scan

Ensure no file is left unchecked by automatically rechecking files modified in the last 24 hours.

Weekly scan

Systematically reviews and rechecks files modified within the past week on a system or website.