How to Install Imunify360 on a cPanel/WHM Server

Imunify360 is a comprehensive, AI-driven security platform for web hosting servers. It bundles a Web Application Firewall (WAF), Intrusion Prevention System (IPS), malware scanner, real-time antivirus, and reputation management into a single WHM plugin. It's the most popular security solution for cPanel servers after CSF.

What Imunify360 Protects Against

• Brute-force attacks on SSH, FTP, cPanel, and webmail
• Known exploits and zero-day vulnerabilities via the WAF
• Malware-infected files (PHP shells, backdoors, miners)
• DDoS and port-scan attacks via IP reputation lists
• Compromised accounts uploading malicious content

Prerequisites

• cPanel/WHM server (AlmaLinux 8/9, CloudLinux 7/8)
• Root SSH access
• Imunify360 licence from imunify360.com (free trial available)
• At least 1 GB RAM available

Step 1 — Download and Run the Installer

wget https://repo.imunify360.cloudlinux.com/defence360/imunify360-deploy.sh
bash imunify360-deploy.sh --key YOUR_IMUNIFY360_KEY

If you're trialling, use:

bash imunify360-deploy.sh --key FREE

Installation takes 3–8 minutes. Follow the output for any errors.

Step 2 — Access Imunify360 in WHM

Navigate to WHM > Plugins > Imunify360. The dashboard shows live attack statistics, blocked IPs, and malware detections.

Step 3 — Configure Brute-Force Protection

Go to Imunify360 > Settings > PAM and enable:

• PAM brute-force attack protection — blocks repeated failed logins on SSH, FTP, cPanel
• Set Failed login attempts to 5 within 3 minutes
• Set Block period to 1 hour for the first offence

Step 4 — Enable the Malware Scanner

Under Imunify360 > Malware Scanner > Settings:

• Enable Real-time scanning — scans every newly uploaded or modified file
• Enable On-demand scanning and schedule a weekly full scan
• Set Action on detect to Quarantine — moves infected files rather than deleting them

Step 5 — Configure the Web Application Firewall

In Imunify360 > WAF, switch from Detection mode to Protection mode once you're satisfied there are no false positives. The WAF uses the OWASP ModSecurity ruleset plus Imunify's own signature set.

Step 6 — Whitelist Your Own IPs

Add your office and management IPs to the whitelist so Imunify never blocks them:

imunify360-agent whitelist ip add --ip 203.0.113.10 --comment "Office IP"

Checking Imunify360 Status

systemctl status imunify360
imunify360-agent version

Conclusion

Imunify360 provides layered security that goes well beyond a basic firewall. For shared and reseller hosting environments, it's one of the best investments you can make — catching threats automatically without manual rule management. Combine it with CSF Firewall and CloudLinux for a fully hardened server stack.