Imunify360 is security software installed on all of our Shared Hosting servers at HostUpon. It’s designed and developed by the amazing team at Cloudlinux. Imunify360 uses herd immunity and the six-layer approach to provide our hosting customers with the highest level of security from all sorts of malicious attacks. This includes DDOS attacks, Mod Security protection, malware scanning, website reputation management and a sophisticated firewall. Imunify360 is designed to detect abnormal user behavior including brute-force attacks which are becoming increasingly common with WordPress sites.
WordPress is a big target for hackers and the number of attacks a WordPress based website receives daily on our network is in the thousands. Most users are unaware and that’s because Imunify360 is in place to help protect their websites. The six-layer approach includes:
- Real-time malware scanning
- Advanced firewall with greylisting
- Intrusion detection
- Server Kernel Patching
- Website Reputation Management
- Web Applications Sandboxing
How Imunify360 Works
Imunify360 intrusion detection is based off Mod Security rules. Without getting in to too much detail, Mod Security is an application firewall on the server-side. Imunify360 has integrated mod security ‘rules’ that are updated daily. These rules are what protect our customers websites from all sorts of attacks. For example, if you have a certain number of failed login attempts to WordPress, cPanel, Email or FTP within a specific time period your IP address will be blocked by the firewall. This is a temporary time based block.
The intrusion detection aspect scans server logs for suspicious events, such as failed login attempts, and blocks IP addresses triggering such events. If you try visiting the website and are presented with a ‘Protected by Imunify360‘ Captcha screen as shown in the image below.
You’ll then be presented with a Captcha challenge when visiting your website, completing the Captcha will unblock your IP address and and it to a temporary whitelist. The system is designed to stop automated bots from brute-forcing their way into your account while minimizing inconvenience to humans. So if you inadvertently enter the wrong credentials on your website you can now ‘unblock’ yourself without having to contact support. In the case of repeated violations, your IP address will be automatically added to the Grey List again and the process will have to be repeated.
Reasons You May Be Blocked By Immunify360
The most common reason that Immunify360 will block an IP address is failed logins. This could be failed logins to cPanel, Email accounts or FTP. If you use WordPress and have multiple failed logins you’ll also trigger a block. As mentioned earlier, another reason you may have been blocked is if you triggered one of our Mod Security rules. It’s not uncommon to trigger a rule if you use WordPress as many themes and plugins are not always using best coding practices which in turn could get you blocked.
If you’ve been blocked you can contact our HostUpon Support Team via a support ticket. We’ll be able to tell you why you were blocked and help you regain access.