Config File Description

Navigation:  »No topics above this level«

Config File Description

Previous pageReturn to chapter overviewNext page

Imunify360 config file is available on the following location after installation:

 

/etc/sysconfig/imunify360/imunify360.conf

 

In the config file it is possible to set up Imunify360 configuration. The following options are available:

 

AUTO_WHITELIST:

 

timeout: 1440

# Set in minutes how long to keep automatically whitelisted IP

 

DOS:

 

enabled: true

# allows to enable (true) or disable (false) DOS detection

timeout: 30

# set in minutes how often DOS detection should be launched

max_connections: 250

# set the maximum simultaneous connections before IP will be blocked

 

INCIDENT_LIST:

 

min_log_level: 4

# minimal logging level for incidents

 

MOD_SEC:

 

was_installed: false

# if mod_sec rules was installed

 

MOD_SEC_BLOCK_BY_SEVERITY:

 

enabled: true

# enable or disable ModSecurity blocking by severity

max_incident_repetition: 2

# set a number of repeats of the incident from the same IP for adding it to blacklist.

check_period: 120

# set a period in minutes during which incident from the same IP will be recorded as a repeat.

severity_limit: 2

# set a level of severity for DOS detection sensitivity. Read more here about severity levels.

ignore: - 123456

# allows to list IDs of ModSecurity rules that should be ignored

 

MOD_SEC_BLOCK_BY_CUSTOM_RULE:  # Custom rules for mod security

 

33332:

  check_period: 120

  max_incident_repetition: 10

This section allows to list IDs of ModSecurity rules and add specific parameter for check_period and max_incident_repetition.

 

AUTOCLEANUP: # autocleanup data about incidents from database

 

num_days: 100

# allows to set amount of days during which incident record will be kept

limit: 100000

# older records, if it's more than limit

 

OSSEC:

 

ignore: - 1003

# allows to list IDs of OSSEC rules that should be ignored

 

MALWARE_SCANNING:

 

enable_scan_inotify: false

# enable or disable real-time scanning for modified files using inotify library.

enable_scan_uploaded_files: true

#  enable or disable real-time scanning of all the files that were uploaded via http/https. Note it requires Mod_Security to be installed.

move_to_quarantine: true

# enable or disable automatically move suspicious file to quarantine

max_days_in_quarantine: 0

# set maximum days to keep files in quarantine and than file will be removed, 0 - permanently.

leave_suspicious: true


 

CAPTCHA:

 

invisible: false

# enable or disable invisible reCAPTCHA. If invisible reCAPTCHA disabled then standard reCAPTCHA will work.

cert_refresh_timeout: 3600

# set in minutes how often SSL certificate will be refreshed

CSF_COOPERATION:

 

capture_CSF_lock: false

# If set to “True”, prevents CSF restart while editing iptables rules.

 

IPTABLES_RULE_CHECK:

rule_check_interval: 30

# Period in seconds to check whether imunify360 rules exist in iptables.