Imunify360 intrusion detection is based on Mod Security rules. Mod Security is an application firewall on the server-side. Imunify360 has integrated mod security ‘rules’ that are updated daily. These rules are what protect our customers websites from all sorts of attacks.
The intrusion detection aspect scans server logs for suspicious events, such as failed login attempts, and blocks IP addresses triggering such events. If you try visiting the website and are presented with a ‘Protected by Imunify360‘ Captcha screen as shown in the image below.
You’ll then be presented with a Captcha challenge when visiting your website, completing the Captcha will unblock your IP address and add it to a temporary whitelist.
The system is designed to stop automated bots from brute-forcing their way into your account while minimizing inconvenience to humans. So if you inadvertently enter the wrong credentials on your website you can now ‘unblock’ yourself without having to contact support.
In the case of repeated violations, your IP address will be automatically added to the Grey List again and the process will have to be repeated.