Imunify360 without CSF, cPanel SecRuleEngine?
  1. Forums
  2. Imunify360
  3. Imunify360 and Imunify Sensor
  1. eminos
  2. 08.05.2017
  3.  Subscribe via email
I'm using Imunify360 on cPanel without CSF.
I've been using it for a while and have been getting a lot of false positives in cPanels ModSecurity and I started disabling those rules messing with my websites. I realized this is not the solution (disabling rules).

I found information in the Imunity360 docs that SecRuleEngine should be set to DetectionOnly, which I then realized was not. (Although the docs are a bit unclear on the ModSecurity settings when NOT using CSF)

I changed it in WHM -> ModSecurity Configuration -> Rules Engine = "Process the rules in verbose mode, but do not execute disruptive actions.". Which I guess is "DetectionOnly".

Is this the correct setting for Imunify360 on cPanel without CSF? Is it safe enough?

And also, should I be using CSF together with Imunify360 (since there is so much talk about CSF, also in the docs)?
Rate this post:
  1. 10.05.2017 03:05:40
  2. # 1
Rushan Shaymardanov Accepted Answer
Posts: 0
Joined: 07.08.2020
1. It's safe to set SecRuleEngine to DetectionOnly with imunify360, in this case imunify360 will block by mod_security events with high severity that highly reduces false positives rate.

2. You do not have to use CSF with imunify360.
  • Page :
  • 1

There are no replies made for this post yet.
Be one of the first to reply to this post!
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.