How to disable annoying Imunify::Generic emails in WHM 108?
Alright, I can understand the benefits of scanning with Imunify once in a while, but the relentless emails about hundreds of Wordpress plugins that are slightly outdated is becoming old quite fast. Look, I understand that the Admin CSS MU plugin was updated last month and that the update literally only adds the flex-direction CSS compatibility, but does that justify my WHM server emailing me every other day about it? It seems that we have a very different definition of what "vulnerable" or "outdated" means. I almost feel harassed by my WHM server nowadays compared to a few years ago and I don't ever recall having issues over the last decade when a CSS plugin had not been updated FOR A MONTH on any Wordpress site that this server has been hosting.
TLDR; HOW CAN WE DISABLE THIS PLEASE? Instructions at the bottom of the said email lead to nowhere in WHM 108. Here's the email I need deactivated:
Dear Administrator,
This message is to provide you important information regarding web server security. Please note that the following software in your environment is considered to be outdated or vulnerable:
admin-css-mu version 2.7 that is located at /home/someuser/public_html is outdated
The recommended for use version of this software is 2.8
340 more items found.
Please do the following:
- Option 1: Make sure WordPress administrator(s) responsible install the necessary updates.
- OR
- Option 2: Upgrade from ImunifyAV to support team. All the best, Imunify360 Security Team "Imunify::Generic" notifications are currently configured to have an importance of "High". You can change the importance or disable this type of notification in WHM"s Contact Manager at:
-
Hey there! The instructions at the bottom *should* take you to WHM >> Contact Manager, where you can adjust the Imunify settings. Can you try working with that page to see if that gets you the desired behavior? 0 -
Sorry, I thought it was clear when I wrote "Instructions at the bottom of the said email lead to nowhere in WHM 108." but perhaps it was not. Let me rephrase it: Whenever I click on the link at the bottom of the email, it opens a browser window to WHM and displays nothing about Imunify. Please, take a look at both attached screenshots and if possible, let me know how I can disable that "security" email. Please don't hesitate to let me know if my question is still unclear. 0 -
Also: 0 -
Are you logged in as a reseller? You should have more options under the "Notifications" tab than what you're seeing there. 0 -
I'm logged in as root. 0 -
That's odd - you should have an entire page of options there showing all the notification options for the entire server. Is there anything logged to the cPanel error log (/usr/local/cpanel/logs/error_log) when loading that page? If not, we'd like to take a look at this through a ticket if you could submit one. 0 -
It's not ideal, but on friday, I've run: imunify-antivirus config update '{"ADMIN_CONTACTS": {"enable_icontact_notifications": false}}' (sorry, cpanel.net forum is broken and won't let me format as code) It's been 4 days and I have not received any email from Imunify yet, so that might have fixed it. We'll wait a week just to be sure. 0 -
After 1 week, I'm happy to report that the suggestion by ITHKBO seems to have worked! Thank you ITHKBO for helping me out! This: Also thx cPRex for replying, as usual, I appreciate it. 0 -
I don't get why this is sent to the administrator. Wordpress plugins are installed and managed by the user, send the notification there. 0 -
I don't get why this is sent to the administrator. Wordpress plugins are installed and managed by the user, send the notification there.
ImunifyAV is not associated nor directly linked with Wordpress it simply registers anomalies in data it does not matter what CMS it is. It gets send to the contact of the WHM account because they need to know the status of the data they are hosting as well as any client. Best case you have a client that understands the importance of keeping a CMS installation secure but if not than you as the server maintainer, provider have a history log of actions *not* taken and can inform the client directly to take necessary actions or take further measures yourself to avoid damage to the server, data integrity.0 -
ImunifyAV is not associated nor directly linked with Wordpress it simply registers anomalies in data it does not matter what CMS it is. It gets send to the contact of the WHM account because they need to know the status of the data they are hosting as well as any client. Best case you have a client that understands the importance of keeping a CMS installation secure but if not than you as the server maintainer, provider have a history log of actions *not* taken and can inform the client directly to take necessary actions or take further measures yourself to avoid damage to the server, data integrity.
If at least clients are informed they have the opportunity to update their software.0
Please sign in to leave a comment.
Comments
12 comments