Operating System

  • Atomic Protector is tested on up to date versions of the supported operating systems. This means that you will need to have all vendor patches installed for Atomic Protector to work correctly. Below, we have outlined a list of supported Operating Systems:

    • CentOS 7/8/9

    • RedHat 7/8/9

    • CloudLinx 7

    • Rocky Linux 8

    • Ubuntu 20

    • Amazon EC2 (We support RHEL and CentOS EC2, we do NOT support AMI and other custom distributions)

      Note

      Atomic Protector will not install on a system that is missing vendors updates, and will generate an alert during the installation process.

  • Third Party Modifications to the OS

    Note

    Third Party modifications to operating system (OS) files are not supported. For example, third party replacement of glibc would not be supported.


Hardware

  • Memory: Atomic Protector requires at least 8 GB of memory. 16 GB of memory is highly recommend to make use of all of Atomic Protector’s features.

  • CPU: 4 vCPUs required, 8 Recommended


File Systems

Minimum free disk space requirements per partition:

Directory

Minimum Free Space Required

/var

Varies (See Note Below)

/usr

500 MB

/tmp

10 MB (See Note Below)

/etc

100 MB

Note

/var follows the Linux standard which is to use /var for any logs. Atomic Protector will keep records as long as you desire, therefore the minimum disk space requirements will depend on your data retention requirements. You should monitor your database and /var partitions drive usage and prepare accordingly to add more space based on event volume for your system. If you run out of space in the /var directory, the Atomic Protector web console may not work correctly, and other parts of Atomic Protector may fail as well. Atomic Protector will also record other events, such as file changes and software updates in a special monitoring system, this data is also stored in /var. Please see the Atomic Protector FAQ for further details about tuning this system should you wish to use less drive space for this. Please see the Atomic Protector configuration page for settings to control the amount of days worth of data Atomic Protector will keep in the database and in the stored logs in /var/asl: https://www.atomicorp.com/wiki/index.php/AED_Configuration

Note

/tmp Your operating system uses /tmp to process temporary files. For long term use of Atomic Protector, and the operating system, /tmp should be as large as necessary for your OS. The actual amount of space needed in your /tmp partition will vary substantially depending on what you are doing with your OS. Atomic Protector needs some amount of free space in /tmp for installation, and may need to use /tmp as part of ongoing activities. However, this partition is primarly used by your OS, not Atomic Protector, and a full /tmp partition may result in very adverse effects by your OS. Please contact your OS vendor for assistance with sizing you /tmp partition to meet your OSes needs.

  • Atomic Protector will log and record security events on the system. The amount of space required for this will vary depending on the amount of events that occur on your system. Atomic Protector will record all of its events in the /var partition. Therefore, you should have adequate free space available in the /var partition for your system. We recommend at least 5GB of space in this partition, but this is a minimum. You should allocate more space if you intend to keep logs for extended periods of time. You may need to increase this depending on the amount of events that occur on your system and the archive period you have set in your Atomic Protector Configuration.

  • Atomic Protector components will be installed in the /boot, /usr, /etc and /var partitions. A minimum of 100MB of free space is required to install Atomic Protector, and additional space is required in /var as described above.

Advanced

Virtual Private Servers (VSP)

Firewall: Oftentimes, VSP providers have limitations on firewall capabilities. If your firewall does not start, then your container may be on a limited system. Please see this Odin KB article to configure your openvz/Virtuzzo hardware node.

CPanel

If you do not have CPanel installed, you must have mod_uniqueid installed for Mod Security to work correctly. Please contact CPanel support if you are not sure how to enable this feature on CPanel.

Support Software

Shell: Atomic Protector does include some shell scripts. These scripts are written in “bash”. If the default shell on the system has been changed from bash to some other shell these scripts may not work correctly.

WGET: To install Atomic Protector you must have a working copy of wget on your system, with working HTTPS support (this means that your version of wget supports SSL, which Atomic Protector uses to download all the software it uses securely). Atomic Protector will not install correctly without a working copy of wget as mentioned previously.

How to install WGET

  • As root run this command

    yum install wget
    
  • Test to make sure wget supports TLS/SSL by running the following:

    wget https://www.atomicorp.com/test-file.html
    
  • If your wget supports SSL it will download the file test-file.html, and if you examine the contents of the file you will see the following:

    If you can read this, your test worked.
    
  • If you do not see the sentence above, then your wget likely does not not support SSL. If you see an error like this:

    HTTPS support not compiled in.
    

This means your system can not securly download software, which is a serious vulnerability. You will need to contact the parties that have crippled your system for a solution to replace the crippled version of wget with a non-crippled version that supports SSL.

  • If you see an error like this:

    Resolving www.atomicorp.com... failed: Name or service not known.
    

This means your system does not have DNS setup, or otherwise can not resolve our server. Please contact your hosting provider for assistance with DNS on your system.

Third Party Software

OSSEC: Do NOT install OSSEC from third party sources. Atomic Protector will replace and manage OSSEC on your system. If you have issues using or installing Atomic Protector, you will need to uninstall this third party software or disable features in those products.

ClamAV: Do NOT install ClamAV from third party sources. Atomic Protector will install the latest version of ClamAV on your system. If you are having issues using or installing, you will need to uninstall this third party software or disable features from those products.

Mod Security: Do NOT install Mod Security from third party sources. Do NOT enable Mod Security in CPanel. This will cause CPanel to overwrite the enhanced Mod Security and will cause duplicate rules to be installed on your system. Please uninstall any third party source of Mod Security before installing Atomic Protector.

Firewalls: In Linux, you can only safely use one tool to manage your firewall. If you are using multiple tools, then they will conflict with each other. For this reason, if you use a third party firewall with Atomic Protector, then you can not use Atomic Protector to manage your firewall as well.

Therefore, Atomic Protector is NOT supported with any third party software that manipulates or manages the Linux firewall, iptables, ipset. This is includes the following:

  • CSF

  • APF

  • Parallels

  • The iptables service (not the command line tools, just the service)

  • Firewalld

  • Any other firewall management tools

If you have any third party software of this nature installed you will need to:

  1. Uninstall this third party software before you install Atomic Protector. If you cannot uninstall it you must disable any firewall features in these products.

  1. Remove ALL firewall rules implemented by these products.

Additionally, you cannot use third party firewall management tools to manipluate the firewall on the system, for example fwbuilder.

If you want to use any third party firewall software with Atomic Protector, then you must disable the Atomic Protector firewall and active response. Please note that any firewall related issues will be unsupported.

Iptables Daemon

Disable the iptables service. Running the iptables service with Atomic Protector will cause conflicts. To stop the service run the following commands:

service stop iptables
chkconfig --del iptables

If you had this service enabled when you installed Atomic Protector, you will experience problems with your firewall. The service will need to be disabled, as mentioned above, and flush any remaining firewall rules. Please follow the steps below:

  1. Run the two commands above

  2. Stop the Atomic Protector firewall by running:

    service asl-firewall stop
    
  3. Flush any remaining firewall rules by running:

    rm /etc/asl/firewall/running.fw
    
  4. Restart the Atomic Protector firewall by running:

    service asl-firewall start
    

Firewalld

Disable the firewalld service. You will not need to run the firewalld daemon service with Atomic Protector. If the daemon is running it will cause conflicts, so please disable the service on your system by following the steps below:

  1. Run the following commands:

    service stop firewalld
    chkconfig --del firewalld
    
  2. Stop the Atomic Protector firewall by running:

    service asl-firewall stop
    
  3. Flush any remaining firewall rules by running:

    rm /etc/asl/firewall/running.fw
    
  4. Restart the Atomic Protector firewall by running:

    service asl-firewall start
    

Apache

Atomic Protector is fully compatible with Apache 2.0, 2.2, and 2.4. Atomic Protector will automatically install the WAF module into Apache for standard supported vendor Apache builds, and supported control panel builds.

ConfigServer

Atomic Protector does not support any ConfigServer products. If you have these on your system, they will need to be unistalled prior to your installation of Atomic Protector to ensure that Atomic Protector installs correctly. We have more information on the ConfigServer products HERE.

Fail2Ban

fail2ban is not necessary and should not be used with Atomic Protector. The use of fail2ban with Atomic Protector may result in problems with your firewall, and could cause your system to be unreachable. If you have fail2ban installed on your system, uninstall it. Again, you will not need it with Atomic Protector.