After installation, you will find Imunify360 in the cPanel/WHM plugins section. The dashboard allows you to quickly check in on the overall state of your server and manage all aspects of its security. You will notice multiple tabs that represent Imunify360’s key features.
The default tab is for Incidents, so let’s start with our powerful IDS/IPS feature that includes a comprehensive collection of “deny” policy rules to quickly block all known attacks. It monitors server logs and scans log files from all different angles and bans IPs that show malicious signs such as failed login attempts, potential exploits, etc.
Here, in the Incidents tab, you can see all the latest server incidents. This is updated every 60 seconds.
You can use filters to show incidents by Timeframe, change the number of records to view on the page, and filter incidents based on IPs from a Black, White, or Gray lists.
Click on any incident to view detailed information. Clicking on a particular IP will filter incidents for just that IP, and the same can be done for the country.
IPs marked in blue currently do not belong to any list, and of course, you can take action on an IP to move it into a White or a Black list.
You will notice that some incidents don’t show an IP address - these IDS-driven incidents are not network related, such as locally generated incidents, therefore they don't have an IP associated with them.
The number next to the arrow represents how many attempts were made from this IP during the detection period.