Settings

Navigation:  Imunify360 User Interface >

Settings

Previous pageReturn to chapter overviewNext page

Choose Settings in the main menu to get to the Imunify360 settings page. This page allows:

 

Installing/Uninstalling KernelCare and HardenedPHP.

Configuring DoS protection.

Controling White list automation.

Configuring Logs level sensitivity.

Configuring Imunify360 incidents auto-cleanup.

Configuring CAPTCHA behavior.

Configuring Malware Scanner settings.

Managing list of rulesets.

Hosting panels specific settings.

 

Install/Uninstall KernelCare and HardenedPHP

 

To install or uninstall HardenedPHP and/or KernelCare click on a proper button on the Settings page.

 

kcare_hardndphp

 

 

For additional information on KernelCare please visit this page.

 

For additional information on HardenedPHP please read the following article.

 

During HardenedPHP installation process the installation log will appear and will update automatically:

 

kc_install_log

 

Configure DoS protection

 

DoS Protection section allows to enable or disable DoS protection. Tick Enable Dos Protection checkbox and click Update at the bottom of the page to save changes. Then it is possible to configure Imunify360behaviour:

 

Max Connections - allows to set up the number of simultaneous connections allowed before IP will be blocked.

Check delay - allows to set up period in seconds between each DoS detection system will be activated and will check server for DoS attack.

 

dos_prot

 

Control over White list automation

 

Auto White list section allows to automatically add admin IP to the White list each time he logs in to the hosting panel and enters Imunify360 user interface.

 

In Timeout field enter the number of minutes - the IP will be removed from the White list automatically after this time.

 

Note. 0 means adding IP to the White List permanently.

 

auto_white

 

Configure Logs level sensitivity

 

In the Logs section it is possible to control what kind of incidents will be displayed in the Incidents page.

 

Move the slider to change your preferences and click Update at the bottom of the page.

 

There are 15 available levels related to OSSEC and ModSecurity severity levels:

 

Log level

ModSecurity

OSSEC

1

7 - DEBUG

01 - None

2

6 - INFO

02 - System low priority notification

3

5 - NOTICE

03 - Successful/Authorized events

4

4 - WARNING

04 - System low priority error

5

4 - WARNING

05 - User generated error

6

3 - ERROR

06 - Low relevance attack

7

3 - ERROR

07 - “Bad word” matching.

8

3 - ERROR

08 - First time seen

9

3 - ERROR

09 - Error from invalid source

10

3 - ERROR

10 - Multiple user generated errors

11

3 - ERROR

11 - Integrity checking warning

12

2 - CRITICAL

12 - High importancy event

13

2 - CRITICAL

13 - Unusual error (high importance)

14

1 - ALERT

14 - High importance security event.

15

0 - EMERGENCY

15 - Severe attack

 

Click Update to save changes.

 

Configure Imunify360 incidents autocleanup

 

Autocleanup configuration section allows keeping the Incidents page clean by default. In the Autocleanup configuration section it is possible to:

 

Keep incidents for the last days - set the number of days Imunify360 will keep the incidents.

Keep maximum incidents count - set maximum quantity of the incidents to keep on the server.

 

auticleanup

 

Click Update to save changes.

 

Configure CAPTCHA behavior

 

To understand how the CAPTCHA works and behaves, please read carefully the CAPTCHA section of the actual documentation. Here it is also possible to enable or disable the invisible reCAPTCHA by marking a proper checkbox.

 

invisible

 

Click Update to save changes.

 

Configure Malware scanner settings

 

Go to Settings page and choose Malware Settings tab. In the Malware Settings page the following options are available:

 

Note. Read CXS integration documentation carefully to make Malware Scanner work properly.

 

Automatically scan all modified files - enables real-time scanning for modified files using inotify library. The Scanner searches for the modified files in user’s DocumentRoot directories. Note that it requires inotify to be installed.

Automatically scan any uploaded using web - enables real-time scanning of all the files that were uploaded via HTTP/HTTPS. Note that it requires ModSecurity to be installed.

Automatically scan any file uploaded using ftp - enables real-time scanning of all the files that were uploaded via FTP. Note that it requires Pure-FTPd to be installed.

Move files to quarantine - defines whether Imunify360 should move the files straight to the quarantine or just mark them as suspicious and let you decide.

 

Enable proper checkboxes and click Update to save changes.

 

malw_set01

malw_set02

 

Also, on the same page below you can manage Malware Scanner Ignore List. It allows to add files or folders that must be ignored by Malware Scanner.

 

To add a file or a folder to the ignore list, click Add new file or directory and enter the path to the directory or to the file in the pop-up window. When done click Save to save changes or Cancel to hide pop-up window.

 

All added files and folders will be listed in the table below. Click on a trash icon if you need to delete a folder or a file from the Ignore list.

 

ignire_list

 

Manage list of rulesets

 

Go to Settings page and choose Disabled rules. This page allows managing added rules as disabled.

 

Note. To add a new rule to the Disabled rules list go to Incidents page and follow the instructions.

 

The list of disabled rules contains:

 

Rule ID - ID number of the rule provided by the plugin;

Plugin - the name of the plugin of the added rule;

Description - details of the rule from ModSecurity or OSSEC;

Domains - the list of the domains for which the rule is disabled (blank field means all domains).

 

To edit the list of domains where the rule must be disabled, click edit icon in the row of the rule and enter domains registered on the server separated by comma.

 

Note. It is possible to specify domains only for ModSecurity rules. For OSSEC rules it is always applies to all domains.

 

disabled_rules

 

To remove the rule from disabled list click Enable and confirm action in the pop-up:

 

confim

 

Attributions

 

Click Settings and choose Attributions tab to observe a list of IDS install on the server.

 

Name - name of the IDS.

Version - IDS version.

License - under which licenses this IDS is working.

Link - URL to the IDS official page.

 

pfattr

 

Hosting panels specific settings

 

cPanel

 

It is possible to enable Service Status checker for Imunify360. Perform the following steps:

 

1.Go to Service Configuration and choose Service Manager.

 

2.In Additional Services section tick imunify360-agent and imunify360-captcha checkboxes.

 

3.Click Save and wait until cPanel enables the Service Status checker for Imunify360.

 

cpanel

 

If succeeded, the status of Imunify360 service will be displayed at Service Status section of Server Status.

 

service_status