Comprehensive Guide to Setting Up Imunify360 on Plesk

This comprehensive guide will walk you through the process of installing and configuring Imunify360 on your Plesk server, enhancing its security posture.

Prerequisites

Step 1: Establish an SSH Connection

To begin, you must establish an SSH connection to your server as either a sudo or root user. If you require assistance with this process, please refer to this article for detailed instructions.

Step 2: Installing Imunify360

Execute the following commands from your command line to install Imunify360 and register its agent:

wget https://repo.imunify360.cloudlinux.com/defence360/i360deploy.sh -O i360deploy.sh
bash i360deploy.sh

Alternatively, Imunify360 can be installed via the Plesk Extensions interface.

Step 3: Firewall Configuration

If you are utilizing CSF (ConfigServer Firewall), it is essential to enable "3-rd Party Integration" within Imunify360. This option can be found by navigating to "Imunify360 -> Settings -> General" in your Plesk panel.

Step 4: KernelCare Integration

Imunify360 includes seamless integration with KernelCare, allowing you to install it without any additional licensing costs. Access KernelCare settings by going to "Imunify360 -> Settings -> KernelCare". After installation, verify its operational status by navigating to "Imunify360 -> KernelCare".

Step 5: General Imunify360 Configuration

Proceed to "Imunify360 -> Settings -> General" to adjust the core configurations.

WAF Settings

  • Apply CMS-specific WAF Rules: Enabled
  • Minimized ModSec Ruleset: Disabled
  • WordPress Account Compromise Prevention: Enabled

DoS Protection

If CSF is active, this feature is automatically disabled as its protection is managed directly by CSF.

SMTP Traffic Management

This feature is typically kept disabled, particularly when utilizing a smarthost service, which effectively handles spam prevention.

Incidents Logging

  • Log level: 4
  • Keep incidents for the last days: 100
  • Keep maximum incidents count: 100000
  • Auto-refresh time for Incidents page: 10 seconds
  • Send additional data: Deselected

WebShield

  • Enable WebShield: Enabled
  • Detect IPs behind CDN: Enabled
  • Anti-bot protection: Enabled
  • Google reCAPTCHA service: Disabled

OSSEC Integration

  • Active response: Enabled

PAM (Pluggable Authentication Modules)

  • PAM brute-force attack protection: Enabled

Error Reporting

For privacy and performance, error reporting to Imunify360 is typically disabled.

Contact Details

Provide an email address here to ensure you receive timely security notifications and alerts regarding your server's status.

Step 6: Configuring Imunify360 Malware Protection

Navigate to "Imunify360 -> Settings -> Malware" to fine-tune the malware scanning and protection features.

Resource Consumption

It's advisable to maintain low default values for resource consumption to prevent excessive server load during malware scans, ensuring optimal performance.

General Malware Settings

  • Automatically scan all modified files: Enabled
  • Optimize real-time scan: Enabled
  • Automatically scan any file uploaded using web: Enabled
  • Automatically scan any file uploaded using FTP: Enabled
  • Automatically send suspicious and malicious files for analysis: Enabled
  • Try to restore from backup first: Disabled
  • Use backups not older than (days): 90
  • Default action on detect: Cleanup
  • Enable RapidScan: Enabled
  • Binary (ELF) malware detection: Enabled
  • Malware Database Scanner: Enabled

Background Scanning Schedule

  • Run scanning: Weekly
  • Run on: Sunday
  • Run at: 3:00 AM

Cleanup Actions

  • Trim file instead of remove: Enabled
  • Keep original files for: 14 days

Proactive Defense

  • Enable blamer: Enabled
  • PHP Immunity: Enabled
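
As an added example (not part of the original guide or of Imunify360's own tooling), the following Python script compares an agent configuration exported as JSON against the values chosen in Steps 5 and 6 and lists every setting that has drifted, including settings that are missing altogether. The section and key names and the sample export are assumptions constructed for illustration; confirm them against your own agent's configuration before relying on the result.

```python
import json

MISSING = "<missing>"
# Values chosen in Steps 5 and 6. Section/key names are assumptions about the
# agent's configuration layout; confirm them against your own server.
BASELINE = {
    "MOD_SEC": {"app_specific_ruleset": True, "ruleset": "FULL",
                "cms_account_compromise_prevention": True},
    "WEBSHIELD": {"enable": True, "known_proxies_support": True},
    "OSSEC": {"active_response": True},
    "PAM": {"enable": True},
    "MALWARE_SCANNING": {"enable_scan_inotify": True, "rapid_scan": True,
                         "try_restore_from_backup_first": False,
                         "default_action": "cleanup"},
    "MALWARE_CLEANUP": {"trim_file_instead_of_removal": True,
                        "keep_original_files_days": 14},
    "PROACTIVE_DEFENCE": {"blamer": True, "php_immunity": True},
}

def find_drift(config, baseline=BASELINE):
    """Return (setting, expected, actual) for every value that differs."""
    drift = []
    for section, keys in sorted(baseline.items()):
        current = config.get(section)
        current = current if isinstance(current, dict) else {}  # missing section
        for key, expected in sorted(keys.items()):
            actual = current.get(key, MISSING)
            # Compare types too, so 1 or "14" never passes for True or 14.
            if actual != expected or type(actual) is not type(expected):
                drift.append((f"{section}.{key}", expected, actual))
    return drift

# Constructed sample export (not real server output) with four deviations.
SAMPLE = json.loads("""{
  "MOD_SEC": {"app_specific_ruleset": true, "ruleset": "MINIMAL",
              "cms_account_compromise_prevention": true},
  "WEBSHIELD": {"enable": true, "known_proxies_support": true},
  "OSSEC": {"active_response": true},
  "MALWARE_SCANNING": {"enable_scan_inotify": true, "rapid_scan": true,
                       "try_restore_from_backup_first": false,
                       "default_action": "notify"},
  "MALWARE_CLEANUP": {"trim_file_instead_of_removal": true,
                      "keep_original_files_days": 14},
  "PROACTIVE_DEFENCE": {"blamer": true, "php_immunity": false}
}""")

if __name__ == "__main__":
    for setting, expected, actual in find_drift(SAMPLE):
        print(f"DRIFT {setting}: expected {expected!r}, found {actual!r}")
```

Running such a check after agent upgrades or panel changes shows when a hardening setting has been reset without anyone noticing.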

Step 7: Managing Disabled Rules

To avoid false positives or accommodate specific server configurations, you may need to disable certain rules. Navigate to "Imunify360 -> Settings -> Disabled Rules". We typically disable the following rules:

  • 214920 modsec "IM360 WAF: Inbound Points|Total Incoming Points; Known for creating a lot of False Positives" all
  • 77316844 modsec "Blocks Post SMTP" all

Step 8: Feature Management for Users

This section allows you to enable crucial security features like "Proactive Defense" and "Malware Cleanup" for your end-users. Access these options via "Imunify360 -> Settings -> Features Management". Activating both features empowers users to protect their websites proactively and provides them with the tools to clean up infections efficiently.

Step 9: Configuring Notifications

By default, no security notifications are configured. However, you can customize these alerts to suit your operational needs by navigating to "Imunify360 -> Settings -> Notifications". We recommend entering a "Default admin email" and enabling critical notifications such as "Real-Time scan: malware detected" and "Script blocked" to stay informed about potential threats.

Conclusion

You have now successfully learned how to install and comprehensively configure Imunify360 on your Plesk server, significantly bolstering its security. Should you encounter any challenges or require further assistance with the Imunify360 product, please consult the dedicated Imunify360 support article.
