How To Install Imunify360 in Plesk (Linux)

Introduction

Imunify360 is a complete automated web server security platform for Linux servers. It combines antivirus, a real-time malware scanner, file antivirus, a firewall, a WAF, a PHP security layer, patch management, and domain reputation monitoring with an easy UI and advanced automation. In this guide, we will walk through the step-by-step process of installing Imunify360 on a Plesk server running on Linux.

Prerequisites

Before you begin this guide, you’ll need to do the following:

  • Plesk with Ubuntu/CentOS/Debian
  • Firewall disabled on the Plesk Linux server. Run the following command via SSH as root: systemctl disable firewalld
  • Imunify360 license key (you can purchase a license key or get a trial key directly from Imunify360, or buy one from the Plesk store.)

IMPORTANT: If you have ImunifyAV installed on the Plesk server, you must remove it before we begin the Imunify360 installation.

Hardware

RAM: 1GB
HDD: 20GB available disk space
CPU: 64bit version on x86_64 processors only
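
The prerequisite and hardware checks above can be scripted and run over SSH before opening Plesk. This is an added example, not part of the original guide or of Imunify360's own tooling; the function names, the default disk path "/" and the 900000 kB RAM floor (a nominal 1 GB host reports slightly less in MemTotal) are assumptions.

```shell
#!/bin/sh
# Added example: preflight for the prerequisites and hardware list above.
# Assumptions: function names, "/" as the disk path, and the RAM floor.

MIN_RAM_KB=900000                  # nominal 1 GB; MemTotal excludes reserved memory
MIN_DISK_KB=$((20 * 1024 * 1024))  # 20 GB of available space, in kB

# check_arch ARCH: succeeds only on 64-bit x86.
check_arch() { [ "$1" = "x86_64" ]; }

# check_min VALUE MIN: succeeds when VALUE >= MIN (both integers, in kB).
check_min() { [ "$1" -ge "$2" ] 2>/dev/null; }

# firewalld_state ENABLED ACTIVE: prints enabled | running | ok.
# "systemctl disable" only removes the boot-time start; a unit that is
# already running stays active until it is stopped or the host reboots.
firewalld_state() {
    case "$1" in enabled*) echo enabled; return 0 ;; esac
    if [ "$2" = "active" ]; then echo running; else echo ok; fi
}

# preflight [PATH]: gathers live values and reports; returns 1 on any FAIL.
preflight() {
    rc=0
    arch=$(uname -m)
    ram_kb=$(awk '/^MemTotal:/ {print $2}' /proc/meminfo)
    disk_kb=$(df -Pk "${1:-/}" | awk 'NR==2 {print $4}')
    fw_enabled=$(systemctl is-enabled firewalld 2>/dev/null || true)
    fw_active=$(systemctl is-active firewalld 2>/dev/null || true)

    check_arch "$arch" || { echo "FAIL arch: $arch (need x86_64)"; rc=1; }
    check_min "$ram_kb" "$MIN_RAM_KB" || { echo "FAIL RAM: $ram_kb kB"; rc=1; }
    check_min "$disk_kb" "$MIN_DISK_KB" || { echo "FAIL disk: $disk_kb kB free"; rc=1; }
    case $(firewalld_state "$fw_enabled" "$fw_active") in
        enabled) echo "FAIL firewalld is still enabled at boot"; rc=1 ;;
        running) echo "WARN firewalld is disabled but still running" ;;
    esac
    if [ "$rc" -eq 0 ]; then echo "OK: prerequisites met"; fi
    return "$rc"
}

# Run the live checks only when asked, e.g.: sh preflight.sh --run /
if [ "${1:-}" = "--run" ]; then preflight "${2:-/}"; fi
```
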

Step 1: Access Plesk Control Panel:

Start by logging into the Plesk server using the credentials of an admin or root user.

Log in to Plesk > Go to Extensions > Search for "Imunify360" and click on it.

Step 2: Open the Extensions Catalog:

Within Plesk, locate and click on “Extensions” in the left-hand menu. This will open the Extensions Catalog.

Step 3: Search for Imunify360:

In the Extensions Catalog, use the search bar to look for “Imunify360.” Once found, click on the Imunify360 extension to access its details.

Step 4: Install Imunify360:

On the Imunify360 details page, click the “Install” button. Plesk will initiate the installation process, and you will be prompted to confirm the installation.

Option 1: Purchase from Direct/Reseller

If you have purchased the license directly from Imunify360 or from a reseller, click “Get for Free” to start the installation. The process will take a few minutes. (In the provided image, the option is not visible because the extension has already been installed.)

After the installation is complete, Plesk will show that the license is not activated on the server.

Activate the license key via SSH by running the following command:

imunify360-agent register YOUR_KEY

Replace YOUR_KEY with your actual Imunify360 license key.

Option 2: Purchase from Plesk Store

If you prefer to buy the license from the Plesk store, select the appropriate plan (single user to unlimited) and proceed with the purchase. Complete the purchase process, and Imunify360 will be installed on your Plesk server.

After installation, follow the prompts within Plesk to activate Imunify360 using the purchased license.

Step 5: Review and Accept Terms:

Before the installation begins, review the terms and conditions. If you agree, proceed by accepting the terms to continue with the installation.

Step 6: Imunify360 Dashboard:

Once installed, you will be redirected to the Imunify360 dashboard page. Here, you can see a summary of all the information about Imunify360 incidents, malware scans, attacks, etc.

Firewall:
Imunify360 comes with its own firewall, handling the management of blacklisting and whitelisting IPs and Ports.

Incidents:
This section keeps track of real-time incidents on your server, including failed logins and flagged IPs.

Malware Scanner:
Utilize the malware scanner to see infected files per account and initiate malware scans for specific destinations.

Proactive Defense:
CloudLinux introduces Proactive Defense, a feature to prevent PHP attacks. Easily configure it using this tab.

Reputation Management:
Using the Google algorithm, this tab identifies domains affected by social engineering, spoofing, and more.

Step 7: Configuring Imunify360 on Plesk:

After successfully installing and activating Imunify360, follow these steps to configure and optimize its settings for enhanced security:

Configuring General Settings: Imunify360 -> Settings -> General

Navigate to “Imunify360 -> Settings -> General” and configure the following:

  • 1. KernelCare Integration and Additional Features:
    • Imunify360 seamlessly integrates with KernelCare, offering automated kernel security updates without reboots. Install KernelCare at “Imunify360 -> Settings -> KernelCare” without any additional cost.

In addition to KernelCare integration, Imunify360 brings several other beneficial features:

  • 1.1 Hardened PHP:
    • Automatically patches old PHP versions to include backport fixes, enhancing PHP security.
  • 1.2 Invisible Captcha:
    • Automatically determines if the user is human. The system falls back to captcha solving if the algorithm determines that a user may not be human.
  • 2. WAF Settings:
    • Apply CMS-specific WAF Rules = Enabled
    • Minimized ModSec Ruleset = Disabled
    • WordPress Account Compromise Prevention = Enabled
  • 3. DoS Protection:
    • Enabled (Managed by CSF when enabled)
    • Max Connections = 250
    • Check delay = 30
  • 4. SMTP Traffic Management:
    • Enabled
    • SMTP Ports = 25, 587, 465
    • Allow users = postfix, horde_sysuser, roundcube_sysuser
    • Allow groups = mail
    • Allow local = Enabled
    • Redirect to local = Disabled
  • 5. CSF Integration:
    • Manage CSF Events and Lists = Enabled
  • 6. Auto White List:
    • Timeout = 1440
  • 7. Incidents Logging:
    • Log level = 4
    • Keep incidents for the last days = 100
    • Keep maximum incidents count = 100000
    • Auto-refresh time for Incidents page = 10
    • Send additional data = Enabled
  • 8. Webshield:
    • Enable WebShield = Enabled
    • Detect IPs behind CDN = Enabled
    • Anti-bot protection = Enabled
  • 9. Google reCAPTCHA service:
  • 10. Ossec:
    • Active response = Enabled
  • 11. PAM:
    • PAM brute-force attack protection = Enabled
    • FTP brute-force attack protection = Enabled
  • 12. Error Reporting:
    • Enable Sentry error reporting = Enabled
  • 13. Contact Details:
    • Enter an email address to receive security notifications about your server.

Configuring Malware Settings: Imunify360 -> Settings -> Malware

Navigate to “Imunify360 -> Settings -> Malware” and configure the following:

  • 1. Resource Consumption:
    • Keep default values low to prevent server load during scans.
  • 2. General:
    • Automatically scan all modified files = Enabled
    • Optimize real-time scan = Enabled
    • Automatically scan any file uploaded using web = Enabled
    • Automatically scan any file uploaded using FTP = Enabled
    • Automatically send suspicious and malicious files for analysis = Enabled
    • Try to restore from backup first = Disabled
    • Use backups not older than (days) = 90
    • Default action on detect = Cleanup
    • Enable RapidScan = Enabled
    • Binary (ELF) malware detection = Enabled
    • Enable Hyperscan = Enabled
    • Malware Database Scanner = Enabled
  • 3. Background Scanning:
    • Run scanning = Weekly
    • Run on = Sunday
    • Run at = 3:00 AM
  • 4. Cleanup:
    • Trim file instead of remove = Enabled
    • Keep original files for = 14 days
  • 5. Proactive Defense:
    • Enable blamer = Enabled
    • PHP Immunity = Enabled

Configuring Disabled Rules: Imunify360 -> Settings -> Disabled Rules

Navigate to “Imunify360 -> Settings -> Disabled Rules” and configure the following:

  • 1. Add this modsec rule in disabled rules:
    • Rule ID: 214920
    • Select “modsec” from the dropdown
    • Domains: all
    • Description: IM360 WAF: Inbound Points|Total Incoming Points; known for creating a lot of false positives
    • Click on ADD RULE

Configuring Features Management: Imunify360 -> Settings -> Features Management

Navigate to “Imunify360 -> Settings -> Features Management” and configure the following:

  • 1. Features Management:
    • Proactive Defense = Enabled
    • Malware Cleanup = Enabled

You have the option to activate both “Proactive Defense” and “Malware Cleanup” for your users. We recommend enabling these features to provide an additional layer of protection for their websites and give them the ability to clean up their website if it’s infected.

Configuring Notifications: Imunify360 -> Settings -> Notifications

Navigate to “Imunify360 -> Settings -> Notifications” and configure the following:

By default, no notifications are sent. To set up notifications according to your preferences, enter an email address in “Default admin emails” and activate notifications.

Step 8: Monitor Security Events:

Explore the Imunify360 dashboard within Plesk to monitor security events, view reports, and manage any detected threats. Regularly check for updates and apply them to ensure your server is protected against the latest security vulnerabilities.

That’s it. You can now use Imunify360 from Plesk and change the default Imunify360 settings to reflect your needs.

Conclusion:

Congratulations! You have successfully installed Imunify360 on your Plesk server running on Linux. By integrating Imunify360 into your server environment, you’ve fortified your system against a wide range of cyber threats, enhancing the overall security posture of your websites and data. Regularly update and customize security settings to stay proactive in safeguarding your server.

