Turning Off the Wordpress Security Nannies - ImmunifyAV / WP Toolkit
I get it, one of the easiest ways to hack a server is through a poorly managed Wordpress site. Obviously over the year Cpanel has taken the stance many of its users are not competent enough to secure their Wordpress sites. And on Reseller sites with dozens of different customers, this is probably a wise assumption and saves the Reseller a lot of support headaches. So I understand why by default h ImmunifyAV and WP Toolkit detecting and monitoring Wordpress sites.
But for those of us that we managing all the accounts and Wordpress sites which are locked down using a combination of network, software (configserver), and application level (Wordfence, Succuri) protections, the Immunify and WP Toolkit Worpress notifications are irritating as they are redundant with the notifications you get from the Wordpress security plugins.
WP Toolkit is no problem as you just detach the wordpress sites from it.
Immunify is a different store as it is a malware scanner for the entire server, which is useful, and it's Wordpress monitoring is just one part of it.
Can the Wordpress monitoring in Immunify be disabled while keeping the malware scanning?
If not, is the only solution to disable Immunityav (systemctl stop imunify-antivirus) and switch to something like ClamAV?
-
Hey there! Could you provide an example notification subject line that you receive about this? could this be the https://blog.imunify360.com/waf-rules-auto-configurator for WordPress?
0 -
That link you provided I believe is documenting a feature in the paid version of Immunify360. I'm talking about this notification that comes from ImmunifyAV which is included free in Cpanel. Note that I believe WHM labels it as Immunify360 instead of ImmunifyAV whether you are using the free or paid subscription which is a little confusing but on the Immunify control panel you are of course prompt to pay for a subscription for Immunify360 verifying you are on the free version.
The manage subscriptions link is merely the ability to control ALL notifications (it's not segmented by system level or Wordpress) It's basically on/off and where they go to.
I note that the path in the email isn't the full path of the plugin. I was thinking a workaround we be to disable the public_html folder of all the Wordpress sites making them excluded in the Immunify settings. Kind of cumbersome but might just work. Securi plugin already scans all Wordpress folders. It's actually more sensitive than Immunify as it picks up system file modifications and new unknown files not just malware.
Dear Administrator,
We've detected vulnerable WordPress versions in your system:
-
woocommerce version 9.1.2 that is located at /home/elemental/public_html is outdated
The recommended for use version of this software is 9.1.4
Quick Steps to Secure:
- Alert WordPress admin(s) to update ASAP.
- Upgrade to Imunify360 for broader security coverage.
Questions? Our team is here to help.
Stay Safe,
Imunify360 Security Team0 -
woocommerce version 9.1.2 that is located at /home/elemental/public_html is outdated
-
Thanks for the additional details. It doesn't look like that is an option as you can only disable all of the notifications. The Imunify team directed me to this documentation page:
https://blog.imunify360.com/how-to-manage-imunify-security-notifications
Could you submit a feature request for more granular notifications there at features.cpanel.net, as I also work closely with that area?
0
Please sign in to leave a comment.
Comments
3 comments