In Progress CPANEL-40545 - No brute force protection detected while Imunify360 active

[Duplika]

cPanel security advisor 1.04 reports no brute force protection, while detecting Imunify 360 is active and enabled.

Do you advise having both enabled?
If not, would it be possible to improve Security Advisor to give better actionable insights?

 

[cPRex]

Hey there! I created a v102 test server and did the following:

-confirmed that cPanel's Brute Force Protection is enabled by default
-turned off cPHulk
-installed Imunify360
-went back to the Security Advisor page and I see "Your server is protected by Imunify360" but I do not see the brute force protection warning. At this point I'm not able to reproduce the issue you're seeing, so it might be best to create a ticket with our team so we can check that particular system.

 

[Duplika]

We are using CloudLinux 8.5, just restarted Imunify 360, tried enabling / disabling Bruteforce protection... even server has been restarted but the warning stays.

 

[cPRex]

I was able to reproduce this on a CloudLinux machine. I've got a case incoming and I'll update soon!

 

[cPRex]

I've created case CPANEL-40545 with our developers and I'll be sure to post an update here once I have details to share.

 

[cPRex]

Update: We've done some research on this and found that i360 does what cPHulk does and both do not need to be enabled. Security Advisor still needs to be adjusted to correctly detect i360.