imunify 360 HostUpon

How Imunify360 With Captcha Works

What is Imunify360 Security?

Imunify360 is security software installed on all of our Shared Hosting servers at HostUpon.  It’s designed and developed by the amazing team at Cloudlinux.  Imunify360 uses herd immunity and the six-layer approach to provide our hosting customers with the highest level of security from all sorts of malicious attacks.  This includes DDOS attacks, Mod Security protection, malware scanning, website reputation management and a sophisticated firewall.  Imunify360 is designed to detect abnormal user behavior including brute-force attacks which are becoming increasingly common with WordPress sites.

WordPress is a big target for hackers and the number of attacks a WordPress based website receives daily on our network is in the thousands.  Most users are unaware and that’s because Imunify360 is in place to help protect their websites.  The six-layer approach includes:

  • Real-time malware scanning
  • Advanced firewall with greylisting
  • Intrusion detection
  • Server Kernel Patching
  • Website Reputation Management
  • Web Applications Sandboxing

How Imunify360 Captcha Works

Imunify360 intrusion detection is based off Mod Security rules.  Without getting in to too much detail, Mod Security is an application firewall on the server-side.  Imunify360 has integrated mod security ‘rules’ that are updated daily.  These rules are what protect our customers websites from all sorts of attacks.  For example, if you have a certain number of failed login attempts to WordPress, cPanel, Email or FTP within a specific time period your IP address will be blocked by the firewall.  This is a temporary time based block.

The intrusion detection aspect scans server logs for suspicious events, such as failed login attempts, and blocks IP addresses triggering such events.  If you try visiting the website and are presented with a ‘Protected by Imunify360‘ Captcha screen as shown in the image below.

Imunify360 Captcha Screen

You’ll then be presented with a Captcha challenge when visiting your website, completing the Captcha will unblock your IP address and and it to a temporary whitelist. The system is designed to stop automated bots from brute-forcing their way into your account while minimizing inconvenience to humans.  So if you inadvertently enter the wrong credentials on your website you can now ‘unblock’ yourself without having to contact support.  In the case of repeated violations, your IP address will be automatically added to the Grey List again and the process will have to be repeated.

As of March 2018, we’ve implemented the Invisible reCaptcha in Imunify360.  This has heavily reduced the Captcha screen for legitimate users and is constantly being improved.

In a nutshell, the Invisible reCAPTCHA uses Google’s Advanced Risk Analysis technology and Artificial Intelligence to determine whether it is a human or not. For example, if a real person had tried to enter their password multiple times, then the user will be redirected to the destination page automatically, with just a few seconds delay, without an annoying validation screen.

Of course, security is still key, and when the Invisible reCAPTCHA detects bot-related requests, it will still trigger the CAPTCHA challenge. This will block the automated software from reaching the website or a page. – source CloudLinux Blog

How To Turn Imunify360 Off

While it may seem inconvenient to go through the Captcha screen, it’s there to protect you from the thousands of attacks targeted to your website daily.  Keep in mind that you will only see the Captcha if you had failed logins or if you triggered a security rule part of Mod Security.  A typical user will never see the Captcha unless they are repeatedly having failed logins to a part of your website or are doing something out of the ordinary.

That being said, Imunify360 itself cannot be turned off.  It’s a server-side software and protects each and every customer on the server.  Though Imunify360 cannot be turned off, you can turn off Mod Security inside your cPanel.

Disable Mod Security cPanel

Steps To Turn Off Mod Security in cPanel

  1.  Login to your cPanel control panel
  2. Click the Mod Security icon under the Security section in cPanel
  3. Beside your domain name you can toggle it to the OFF position

That’s it!  Mod Security will be disabled for the specified domain name.  We never recommend leaving it OFF permanently.  Mod Security plays an important part in your websites security so if you find you’re getting blocked when doing a specific task on your website you can turn it OFF and then turn it back ON once you’re done.

Reasons You May Be Blocked By Immunify360

The most common reason that Immunify360 will block an IP address is failed logins.  This could be failed logins to cPanel, Email accounts or FTP.  If you use WordPress and have multiple failed logins you’ll also trigger a block.   As mentioned earlier, another reason you may have been blocked is if you triggered one of our Mod Security rules.  It’s not uncommon to trigger a rule if you use WordPress as many themes and plugins are not always using best coding practices which in turn could get you blocked.

If you’ve been blocked you can contact our HostUpon Support Team via a support ticket.  We’ll be able to tell you why you were blocked and remove the block as well.

Real-time Malware Scanner

Imunify360 has a built-in scanning engine which actually scan files uploaded to your hosting account in real-time.  If malware is found, the file is immediately quarantined which prevents any damage being made to your website.

HostUpon + Imunify360

At HostUpon, we make every effort to ensure our customers have the latest technology behind them.  With the integration of Imunify360 we’ve been able to provide a layered approach to server-side security while still maintaining optimal performance and end-user experience.  We work closely with our partners to ensure our hosting platform is faster and more secure.

Imunify360 secured servers at HostUpon provide a hands-off automation that is constantly learning from real-time threats across the web.  We want to ensure our customers have the best web hosting experience with the peace of mind of knowing their hosting account is secure from vulnerabilities and attacks.  We’re firm believers that anything we can do to enhance the security of our platform is a worthwhile investment.

Add comment