We’re pleased to announce a new beta version of the Imunify360 Firewall module. Version 7.0 is now available!
The following features are new in the v.7.0 beta release:
- cPanel compromised accounts passwords reset
A new level of protection stops attackers from using compromised accounts.
cPanel compromised accounts passwords reset
We are pleased to introduce a new capability that enables resetting passwords for compromised cPanel accounts. Upon activating this functionality, our platform will detect instances where a cPanel account password has been breached and will subsequently prevent access using the compromised password. End users will then be prompted to create a new password via the cPanel password reset process. This is designed to mitigate the risk of the account being exploited for malicious purposes such as abusing server resources, traffic abuse, or damaging IP reputation.
The feature is experimental and will be delivered disabled by default. We’d appreciate your feedback once you’ve tried it.
To switch the feature on use the following CLI command:
# imunify360-agent config update '{"CONTROL_PANEL": {"compromised_user_password_reset": true}}'
To switch it off:
# imunify360-agent config update '{"CONTROL_PANEL": {"compromised_user_password_reset": false}}'When switched on, the system notifies the server’s administrator via Contact Manager once a day after changing the compromised passwords for users. The topic of the message is “Compromised accounts on {hostname}: passwords reset.” If you would like to receive such notifications at another email address or through another contact channel, you can change it in WHM’s Contact Manager.
Note: The end users will not receive notifications on password changes, but they will not be able to log in with their old passwords that were compromised. Thus they will have to use the standard cPanel password reset feature to log in.
CATEGORY:Imunify 360
