New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Immunify360 reviews?
From the product page, it seems pretty good. But there aren't much reviews on compatibility or performance issues with it.
How does it work on shared hosting environment? I'm very interested in their malware scanner and waf protection. Was thinking to try out a trial but don't want any overhead later.
Thanks ;*
Comments
The WAF protection uses the Comodo WAF ruleset generally with a bit of customization.
Their Malware scanning doesn't have many false positives which is good, and it's a lot better than alternatives like maldet.
Performance wise - well, you save resources by not letting bad users in - so it depends on your environment.
I've personally not seen any issues that bother me.
The WAF as Zerpy said uses rulesets Comodo WAF and some another ruleset from an Enterprise solution, I don't remember the name.
The malware scanning was improved a lot since a few months ago.
Get youself a DO/Vultr VPS and test it with cPanel.
@Zerpy and @vovler
Thanks both, I'll give it a try
One of the best features, IMO, is the wordpress bruteforce detection for all users.
Even if you have some newbie with a wordpress getting bruteforced, it will stop the bruteforce and ask for the recaptcha, if the user still doesnt complete the captcha, it will be blocked from any future login attempts for an amount of time. Saving a lot of CPU usage.
This is something Francisco had to deal with in his buyshared.net, and coded his own protection against this. But not everyone has the skills to do that.
I was particularly looking to this, their greylist feature.
@Zerpy, In docs, I did found that it uses maldet to perform scans so can't say how much better it could be.
Anyway, I'll look at cPanel docs to see if I can write my own similar script.
does this script compatible with cloudflare ?
if any customer uses cloudflare, it may conflict with each other .
All cloudflare ips are whitelisted. In case cloudflare is used, imunify360 will block suspicious requests, but not grey list/black list the ip, and won't ask for captcha in case of bruteforce. (if I'm not mistaken)
but we can make the cloudflare to pass the real IP too .. have you tried that ?
From : http://www.docs.imunify360.com/index.html?installation.htm
From : https://docs.imunify360.com/index.html?faq_and_known_issues.htm
You can pass the IP, but you need enterprise (lol, no.) :
I mean this
https://support.cloudflare.com/hc/en-us/articles/203656534-How-do-I-restore-original-visitor-IP-with-Apache-2-4-
I don't think it's only about real IP but also cloudflare's own protection. for example, a visitor may have to fill double captcha to view website
Sure - because maldet works - however they supply more signatures than maldet does by default (even with the ClamAV signatures as well).
It’s a PITA when you can’t post 3 lines of (harmless) HTML without having to finish a few dozen captchas.
I personally have posted some of codes on let but never received any cf captcha
Consider yourself lucky ;-)
Meanwhile at the CF headquarters
I've used Imunify360 for a while on one of my cPanel servers and it was really good. I'm not entirely sure about their "AI" claim though
Though they have mentioned AI, I don't see any feature which would qualify for it
Agreed. Maybe they are improving rule sets using some kind of AI but I honestly don't think such system would qualify as an AI. Other than that marketing gimmick, imunify is good.
I've watched all of the webinars, and when they say "powered by AI", they mean that they detect 0-day that are not public by crossing the data from multiple machines that have imunify360 installed.
Let's say they are 10.000 wordpress installations protected by imunify360, if they happen to discover a weird request, that has compromised, lets say, 1.000 of those wordpresses, they will create a rule for modsecurity to block said request.
Not sure if the new rule creation is manual or auto.
I'm not sure if we can call it AI
+1, Its Just a marketing gimmick.. @volver I think the new rule creation is manual,,,
It is possible they might be using text mining and machine learning.
Could be