What is Imunify 360 & How does it work? #
Imunify360 is security software installed on all of our Shared Hosting, WordPress Hosting, VPS Hosting and Cloud Hosting servers at Spatros. It’s designed and developed by the amazing team at Cloudlinux. Imunify360 uses herd immunity and the six-layer approach to provide our hosting customers with the highest level of security from all sorts of malicious attacks. This includes DDOS attacks, Mod Security protection, malware scanning, website reputation management and a sophisticated firewall. Imunify360 is designed to detect abnormal user behaviour including brute-force attacks which are becoming increasingly common with WordPress sites.
Some of the benefits and features of Imunify360 #
- Real-time scanning of modified files for malware
- Scanning of files uploaded via web, ftp
- PAM brute-force attack protection
- Exim + Dovecot brute-force attack protection
- Updated mod_sec rules
- Automatic removal of malware in files
- Automatic recovery of infected files from backup
- Intrusion detection
The intrusion detection aspect scans server logs for suspicious events, such as failed login attempts, and blocks IP addresses triggering such events. If you try visiting the website and are presented with a ‘Protected by Imunify360‘ Captcha screen as shown in the image below.
You’ll then be presented with a Captcha challenge when visiting your website, completing the Captcha will unblock your IP address and it to a temporary whitelist. The system is designed to stop automated bots from brute-forcing their way into your account while minimizing inconvenience to humans. So if you inadvertently enter the wrong credentials on your website you can now ‘unblock’ yourself without having to contact support. In the case of repeated violations, your IP address will be automatically added to the Grey List again and the process will have to be repeated.
How does Imunify360 protect my website? #
Every WordPress website on the internet receives lots of attacks on a daily basis. The issue with using Content Management Systems like WordPress is that the application must be updated frequently as attackers are always finding new ways of attacking these applications. Attacks like brute force, DDOS etc are the most common attacks we see these days. If your website develops bugs or a vulnerability and you fail to update them then you make yourself vulnerable and an easy target for the attackers.
For more information please visit the software developer site Imunify360