ConfigServer eXploit Scanner
for cPanel and DirectAdmin

$60 per server
Bulk purchase discounts

ConfigServer eXploit Scanner (cxs) is a server malware, exploit and antivirus scanner that performs active scanning of files as they are uploaded to the server. Initial installation with recommended configuration options is included with the license.

  • For dedicated or virtual servers – protects all domains, IP addresses and users on the server
  • Active (realtime), manual, and scheduled scanning can be performed
  • Scans for suspected exploits, viruses, suspicious resources
  • Quarantine or delete suspicious files

Who can use ConfigServer eXploit Scanner?

  • Web hosting companies
  • Small/medium businesses managing their own dedicated or virtual servers
  • Server management companies wanting to offer value added services
  • Anyone running a cPanel or DirectAdmin dedicated server or virtual server, who wants protection from server exploits and malware

Benefits of ConfigServer eXploit Scanner

  • Provides an easy to use interface within the root or admin control panel. 
  • Licensed on a per server basis, no limit on users or accounts. 
  • One time purchase price, includes software updates for the life of the product. No monthly fees.

Exploit Detection

  • Over 4000 known current exploit script fingerprint matches (in addition to standard ClamAV detection)
  • Antivirus scanning using ClamAV
  • Regular expression pattern matching to help identify known/unknown exploits
  • Filename matching
  • Suspicious file names
  • Suspicious file types
  • Binary executables
  • Some illegal web software installations
  • Custom user specified regular expression patterns
  • Comprehensive constant scanning of all user data using the cxs Watch daemon – scans all user files as soon as they are modified
  • Daily check for new exploit fingerprints
  • Check for out-dated versions of popular web scripts (e.g. WordPress, Joomla, osCommerce)
  • Bayes probability scanning – scans scripts and passes the contents through an algorithm which produces a probability as to whether it is an exploit

Contact us via Email or the Helpdesk
Check the Frequently Asked Questions

$60 per server
Bulk purchase discounts


  • Monitor files and directories for changes and send an email report of activity
  • IP Reputation System. The system provides a variety of IP blocklists gathered from information that is submitted by participating servers. This dual aspect provides the information to help protect the server using the reputation from active attacks
  • Major update to Script Version Scanning. cxs now scans for more than 200 individual applications, more than 200 WordPress plugins and more than 200 Joomla Extensions. Over 700 in total!
  • cxs Setup Wizard to the UI for easy first-time configuration
  • cxs Command Wizard to help create effective scan commands
  • new quarantine interface via an SQLite database
  • statistics to provide information at a glance as to what cxs has been doing
  • command Wizards to help configure cxs Watch and Modsecurity
  • cxs Daily/Weekly Scan Wizard, to create and modify cron jobs in /etc/cron.d/cxs-cron
  • EXPERIMENTAL support for RHEL v7.* fanotify and CloudLinux v7.* File Change API
  • Official support for cPanel, DirectAdmin and Interworx
  • BETA support for Plesk Onyx/Obsidian, VestaCP , CentOS Web Panel (CWP) and CyberPanel.

Web Based Admin Interface

  • Run scans
  • Schedule and Edit scans via CRON
  • Compose CLI scan commands
  • View, Delete and Restore files from Quarantine
  • View documentation
  • Set and Edit default values for scans
  • Edit commonly used cxs files


Product Requirements

  • cPanel/WHM – latest versions fully supported
  • DirectAdmin – latest versions fully supported
  • InterWorx – latest versions fully supported
  • Supported OS’s for cPanel: Redhat v7, CentOS v7, Ubuntu v20.04, Ubuntu v22.04 , CloudLinux v7/8, AlmaLinux/RockyLinux v8, AlmaLinux/RockyLinux v9
  • Supported OS’s for DirectAdmin: RHEL v7 to v9, CentOS v7, CloudLinux v7/8/9, AlmaLinux v8/9, Debian v11, Ubuntu v20.04, Ubuntu v22.04
  • ClamAV daemon process, for virus scanning
  • Server with static IPv4 or IPv6 address (for licensing).
  • SQLite v3, for the quarantine, report and statistics database
  • ModSecurity v2+, for web script upload scanning (this is not required)
  • BETA support for Plesk Onyx/Obsidian, VestaCP, CentOS Web Panel, and CyberPanel
  • Root SSH access to the server is required for installation and some configuration actions

Other Technical Information

  • Support is not guaranteed for servers running services from, ASL or Bitninja.
  • We only provide support for supported versions of the OS and latest versions of the control panel. EOL versions are not supported. BETA versions are supported but there may be absent features and bugs, and installation is not included.
  • Admin Front-End available only with root WHM login (cPanel) or admin login (DirectAdmin), not reseller accounts. 
  • We no longer provide support for Virtuozzo or OpenVZ servers. While the product may work on these types of containers, there may be issues that we cannot support

Get in touch via Email or the Helpdesk
Check the Frequently Asked Questions

$60 per server
Bulk purchase discounts


osm is a commercial product that is sold and licensed on a per server basis. Unlike competing products, it is strictly a one-time per server license purchase with updates for the life of the product, all at a reasonable price! Initial default installation on a single server per license is included in the price. Please see the FAQ for more information about discounts and installation.

Bulk purchase discounts are available. Please see the cxs FAQ.

A license for cxs is included when you purchase our cPanel Service Package