The customer portal my.neoserv.com has been redesigned. If you notice any issues, please let us know.

Cart (0)
  • Your cart is currently empty.
Checkout
  1. Home
  2. Help Center
  3. How to Use Imunify360 in cPanel

USER INSTRUCTIONS

Search instructions

How to Use Imunify360 in cPanel

Search results for: ""

Imunify360 is a complete security solution for Linux web servers. It is based on machine learning technology and uses a layered approach to provide protection against malicious and suspicious activity, including DDoS attacks. Imunify360 provides advanced firewall protection that uses artificial intelligence to detect new threats and protect servers.

At NEOSERV, we make sure that our clients can always use the latest technologies in web hosting. In addition to ensuring your websites run at high speed, we have also provided advanced and comprehensive protection – Imunify360, which includes a virus and malware scanning and removal tool as part of the cPanel control panel.

Sitemap

How do I access Imunify360?

To access the malware scanning and removal tool:

1. log in to the cPanel control panel (login instructions).

2. Scroll to the Security section and click on the Immunify360 icon.

cPanel (Jupiter) - Imunify360

This will open the Imunify360 module for the cPanel Control Panel, where you can navigate between the Malware Scanner and Proactive Defense tabs.

cPanel (Jupiter) - Imunify360 - Malware Scanner in Proactive Defense

See below how to use the Malware Scanner and Proactive Defence.

How to use the Malware Scanner?

The Malware Scanner tool allows you to scan your web hosting package for files that may contain a virus or malware code. This most commonly affects PHP files or scripts important for the normal functioning of CMS platforms such as WordPress, PrestaShop, Joomla, Drupal and similar.

The Malware Scanner references an external database of known and highly probable malware and compares the files in your hosting package with those known to contain a virus. The tool can detect various types of attacks, including zero-day and DDoS attacks, to provide comprehensive protection for your websites.

Using a machine-learning based Malware Scanner, Imunify360 compares the PHP files on your hosting package with “clean versions” of those files. The tool then removes the part of the software code that is malicious, leaving your original files clean and working.

In the cPanel control panel, the Malware Scanner tool offers you three tabs: Malicious, Scan, History.

Malware Scanner.

The main page of the Malware Scanner is the Malicious tab, which lists paths to malicious files and database entries.

Imunify360 - Malware Scanner - Malicious

Malware Scanner scans your entire hosting package automatically every night. In addition, an automatic scan is also performed when you add a new file to your hosting package or modify an existing one. Alternatively, you can run a scan of your entire package manually by clicking on the Start scanning button above the malicious file results table.

The table consists of the following columns:

  • Scan date: the time when the scan that found the malicious code was last performed.
  • Type: an icon to indicate whether the malicious code is in a file or a database.
  • Malicious: path to the file or database where the malicious code is located.
  • Reason: the code or classification of the malware.
  • Status: the status of the file in which the malware code has been detected.
  • Actions: the options offered by the Malware Scanner tool:
    • View item: display the malware file in a pop-up window.
    • Clean up malicious code: option to clean up malware code.

Clicking on Clean up malicious code will open a pop-up window where you will see a warning that the original file will remain available (quarantined) for 14 days. Confirm the clean up of the file by clicking on the YES, CLEAN UP button.

Imunify360 - Malware Scanner - Clean up malicious code

Imunify360 - Malware Scanner - Cleanup initiated

In a few seconds, the cleanup will be complete, which will be indicated by a new file status: cleaned.

Imunify360 - Malware Scanner - Cleanup completed

As shown in the picture, you can restore the original file from the backup by clicking on the Restore original item icon.

Above the results table, next to the Start scanning button, there is also a green Clean up all button, which can be used to speed up the cleaning process. Clicking it will start cleaning up all the malware files detected by Imunify360 on your hosting package.

Malware Scanner.

In the Scan tab there is a table where you can see when the Malware Scanner has performed an (automatic) scan of your hosting package.

Imunify360 - Malware Scanner - Scan

In the Total objects column you will see how many objects have been checked by Malware Scanner, while in the Results column the number of possible threats is recorded. In the last column, Actions, clicking on the View results icon will take you back to the Malicious tab (with the scan ID filter turned on).

Malware Scanner: History

The History tab shows a table with all events, e.g. detection of individual files and database entries containing malicious code, and virus cleanups performed.

Imunify360 - Malware Scanner - History

You’ve learned about the functionality that Malware Scanner offers as part of Imunify360’s protection, now take a look at some more details about the Proactive Defense tool to proactively protect your hosting package.

How to use Proactive Defense?

Proactive Defense uses specific patterns to check the execution of PHP scripts and limit the running of malicious functions. This is very important as malicious code is often hidden: obfuscated, inserted in the middle of a legitimate file or dynamically extracted from the network and inserted into a database.

Unlike Cloudflare WAF and other WAF solutions that only check HTTP requests, proactive protection also monitors the actual execution of PHP scripts. In this way, it detects the execution of a malicious script in real time and stops it before it causes damage to the server or website.

Proactive Defense provides three mode settings in the cPanel control panel:

  • Disabled: proactive defence is disabled and the system is not protected.
  • Log only: only event logging is enabled, while Proactive Protection is disabled.
  • Kill Mode: proactive protection is enabled, which immediately terminates a detected malicious script.

NEOSERV has provided the highest level of security (Kill Mode), which immediately terminates the malicious script execution. To ensure security, this setting is set at server level and cannot be changed by the user of the hosting package.

In the cPanel control panel, the Proactive Defense tool offers two tabs: Detected Events and Ignore List.

Proactive Defense: Detected Events

The main page of Proactive Defense is the Detected Events tab, which lists paths to PHP files that contain malicious scripts.

Imunify360 - Proactive Defense - Detected Events

Proactive Protection interrupts PHP scripts with malicious activity in real time, including vulnerable WordPress plugins and other unpatched applications that are easy for web attackers to exploit.

The table in the aforementioned tab consists of the following columns:

  • Detection Date/Time: the time when the tool detected the suspicious PHP script.
  • Description: description of the activity performed by the proactive protection.
  • Script Path: the path to the PHP file containing the malicious script.
  • Host: the host (domain) of the suspicious PHP script.
  • First script call from: IP from which the first script call was detected.
    • WHITE: IP is on the allowed list (white list).
    • BLACK: IP is on the disallowed list (black list).
    • GREY: IP is on the temporarily disallowed list (grey list).
    • BLUE colour: all other IP addresses are coloured blue.
  • Action: display of the current mode.
  • Actions: option to view details or add a file rule to the ignored list.

So, on the bottom side of the table, there is an Actions column that allows you to view the details of a particular event. Clicking on the View details icon opens a pop-up window with additional information.

Imunify360 - Proactive Defense - Detected Events - View details

At the very top of the pop-up window, as in the Actions column (under the gear icon), there are three buttons:

  • View file content: view the contents of the PHP file containing the malicious script.
  • Ignore detected rule for the file: exclude a specific file rule from proactive protection.
  • Ignore all rules for the file: exclude all rules of the file from proactive protection.

Proactive Defense: Ignore List

The Ignore List tab contains a list of ignored rules pertaining to individual PHP files with malicious scripts.

Imunify360 - Proactive Defense - Ignore List

The Add Date/Time column shows the time when the rule was added to the ignore list, the Scipt Path column lists the path to the PHP file, and the Rules to ignore column lists the rule that is being ignored by the proactive protection. The right column Actions allows you to perform two actions, viewing the contents of the PHP file and removing the rule from the ignore list.

Imunify360: because security is important!

Imunify360, which offers the Malware Scanner and Proactive Defense tools as part of the cPanel control panel, is a complete solution for protecting your servers and your websites from malicious attacks. Malware Scanner allows you to thoroughly scan your files and remove malware code, while Proactive Defense actively monitors and prevents potential threats in real time.

Together, these tools provide a robust security infrastructure that helps keep your data protected and your websites running smoothly. Using Imunify360 in your cPanel dashboard gives you peace of mind about your security, so you can focus on developing and managing your web projects.

For further assistance, please call us on 059 335 000 or email us at info@neoserv.si.

RELATED POSTS

COMMENTS

COMMENT THE POST

(mandatory)
(mandatory, email address will be hidden)
(optional)
Security question that confirms you are a real person.