We’re happy to announce we’ve just finished deployment of Imunify360 to all our shared, reseller and semi dedicated hosting servers. Imunify360 is the latest innovative software by CloudLinux that enhances security significantly for linux web servers. It brings many tools for our system administrators but also significant improvements to the potential security of all accounts on our servers. It introduces an advanced firewall, smart intrusion detection system, malware scanning and has many other great features planned.
Malware Detected! Attack!
Advanced Firewall
The advance firewall takes what our servers already do and enhances it by utilizing herd immunity and artificial intelligence to detect new threats. It’s capable of detecting brute force attacks, DoS attacks, port scans and other types of attacks on our systems. Upon detecting these types of attacks it’s capable of not only blocking them but preventing other systems from even encountering the type of attack at all going forward.
Previously when an IP address of a potential visitor is blocked they’d simply be unable to access your website. This can be a problem as ISPs change the IP addresses of end users meaning a user could potentially get a dirty IP address from their ISP and be blocked across the internet. Not on our servers however, if a users IP was previously involved in malicious activity they’ll be greeted by a captcha to prove they’re a real visitor. Upon answering the captcha they’ll be allowed on your site and no longer will be blocked. This reduces the rate of false positives and makes sure that no matter who the user is if they are visiting your website for legitimate reasons they can reach it.
Intrusion Detection and Protection System
Imunify360 introduces not only an intrusion detection system but an intrusion prevention system as well. The intrusion prevention system utilizes the global network to help block IP addresses previously involved in attacks so they’re not even given the chance to attempt an attack. The intrusion detection system scans our servers for attacks and bans the IP addresses on not only the server that came under attack but it also reports the activity back to our central database so that our entire network of servers can be protected.
Malware Detection
We’ve been capable of detecting malware on user accounts for some time so this is not something new for our users. Imunify360 however has the potential to significantly improve the capability and improve detection rates as well the usability of such a feature for our customers.
Patch Management
While this is a feature more catered towards our systems administrators it is still worth noting. We already use the KernelCare product of CloudLinux which is of course a feature of the Imunify360 security product. Their road map however intends on introducing additional features such as LibCare which will help patch our systems against Glibc vulnerabilities. This will mean even fewer reboots of our systems and more uptime for your sites!
Web Application Sandboxing
This feature is not yet available but it’s worth pointing out as it’s very exciting and should be available soon! The majority of user applications are similar and we know what WordPress, Drupal, Joomla, etc. should look like. With the safety of sandboxes we will be able to prevent a hacker from injecting malware or defacing your site even if they’re coming from an IP address previously not involved in attacks.
Opting Out of Imunify360
We understand that not everyone wants the protection mechanisms of malware scanning, mod_security and now Imunify360. The good news is development has started on the ability to opt out of Imunify360 protection of your web site. When this becomes available on all our servers it will of course be announced.
If you would like further information about Imunify360 and the benefits you can visit their website or our growing knowledge base.
Is it feature in shared hosting?
Thank for jasa kaligrafi
This is a feature on all our shared, reseller and semi dedicated hosting plans.
This has made running a forum impossible. I can’t upload images and I have to put together Captcha puzzles every 5 minutes. I’m very frustrated by this change and surprised a VPS would put such a huge change into their infrastructure without giving an opt-out or having support. Imunify’s support is terrible which makes this even harder. After 5 years as a Hawkhost customer this is the first time I have seriously thought about leaving.
@Mattie
I believe our support team assisted you with this but your issue was not actually caused by Imunify360 at all. It was caused by the fact your forum was triggering a mod_security rule protecting against an exploit in another piece of software. Our teams suggestion of turning off mod_security for your domains I believe resolved your issue. If we did not have imunify360 you would have still been blocked but instead it would have been a 403 error without even the opportunity to move on to the page you were visiting.
We attempt to make sure there are never any false positives with mod_security but unfortunately sometimes one creeps in. We’re protecting against tens of thousands of exploits to user software. There is a chance while protecting against some WordPress exploit we inadvertently block a type of legitimate request that matches the same pattern as the exploit. This is why we have the ability to disable mod_security right through cPanel if it’s the case.
As far as the inability to opt out when deployed in our limited production sets we received absolutely no poor feedback. Users found they were seeing significantly less attempts to compromise their websites. This resulted in lower CPU and memory utilization from their accounts. We also overall saw less compromised user accounts due to the protection. We’ve had a few users have a desire to have the ability to be disabled. We’ve worked with developers to stress the necessity and they’re working on a solution to this. It however required significant underlying code changes to make this possible. It will be coming and when it does our stance will be we highly advise against it but you can do it. This will be similar to disabling mod_security and our built in real time virus scanning of user accounts.
Also to clarify we don’t run Imunify360 on our virtual private servers. This is simply a service on our various forms of shared web hosting. Right now the virtualization technology we utilize does not even support Imunify360. We hope to eventually offer it as a cheap cost effective add-on similarly to how we offer Litespeed licenses.
Thank you
Great news, an other awesome features from Hawkhost, love it
A lot of English not help me, but a can use Google translate, thank you very much!
Are this feature imun from wp-login attack? i’m worry about it
Imunify360 does indeed block wp-login attacks. After a certain number of failed logins it’ll force them to answer a captcha. Considering they’re almost always bots this will then prevent them from continuing to do it. That’s also assuming they’re not already on the gray list which if that’s the case they would immediately have to answer the captcha before even attempting to login once.
How to whitelist the IP Address? This thing blocked my client site 🙁
@Lutvi Avandi
Whitelisting an IP address should not be necessary. If you’re seeing blocks what most likely is happening is you’re trigger mod_security rules or a system on the IP is providing invalid logins to the website or another service on the server (IMAP, SMTP, cPanel etc). I’d recommend trying to disable mod_security as a first step to see if that is what is in fact causing it. The other option is to open a ticket with our support team and they can investigate why you’re getting the Imunify360 prompts.
Can I turn it off?
At this time you cannot do this from cPanel but our team are able to disable it for you on your site. You’ll just need to submit a ticket.
How to turn it off?