Hello, Majid!
You could get currently active vendor by running "/usr/local/psa/admin/sbin/modsecurity_ctl -L --enabled".
In your case, I can see that "imunify360-full-apache" is already installed.
However, if you want to use Imunify360's ModSecurity rules and some other vendor is active now, you could use instructions from my previous comment.
If Imunify360's vendor is already active and upload of malicious files is still allowed, then it's unexpected behavior, please submit a ticket with our technical support at
https://cloudlinux.zendesk.com (Imunify360 department) so our team can help you with the issue.
Thanks!