> ## Documentation Index
> Fetch the complete documentation index at: https://help.noxity.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

> Imunify360 is the server-wide malware scanner and proactive defense layer running on Noxity hosting. Files tab, scan history, ignore list, action log, what's automatic and what's yours to act on.

Imunify360 is the antimalware and active defense layer on every Noxity hosting plan. It scans files on upload and on a schedule, blocks known attack patterns at the firewall level, and quarantines anything that matches a malware signature. Most of the work happens silently in the background; the cPanel-side interface is for the parts where you might need to step in.

Open it from cPanel home → **Security** → **Imunify360**.

<Frame caption="Imunify360 in cPanel">
  <img src="https://mintlify.s3.us-west-1.amazonaws.com/noxity/images/cpanel/security-settings/imunify360/dashboard-light.png" alt="Imunify360 dashboard with the user-side tabs" className="block dark:hidden" />

  <img src="https://mintlify.s3.us-west-1.amazonaws.com/noxity/images/cpanel/security-settings/imunify360/dashboard-dark.png" alt="Imunify360 dashboard with the user-side tabs" className="hidden dark:block" />
</Frame>

## What you'll see

The user-side dashboard splits into a few sections. Names and exact tabs vary slightly between Imunify360 versions; the underlying jobs are these.

### Files (the malware scanner)

The main tab. Lists files Imunify360 flagged as malware on your account, with the path, the threat name, the timestamp, and per-row actions:

* **View.** Inspect the file's contents (read-only) and the matched signature.
* **Restore from backup.** If a previous Imunify360 cleanup quarantined the file, restore the original.
* **Ignore.** Mark this file as safe. The path moves to the Ignore List and won't be flagged on future scans.
* **Delete.** Remove the file.

Use **Ignore** sparingly. A genuine malware file you mark as safe will keep running. Use it only when you're sure the file is a legitimate part of your application that happens to match a signature.

The **Scan** button at the top runs an on-demand scan of your account. Imunify360 also scans on a schedule and on every file upload, so you rarely need to trigger one manually.

### History (past scans)

A chronological list of every scan that's run on the account. Each row has the start time, duration, files scanned, files flagged. Useful for confirming scans are running on schedule and for spot-checking a specific time window after an incident.

### Ignore List

Every path you've marked **Ignore** lands here. The list is editable: remove a path to put it back under scan. Patterns and globs are supported (e.g. `/home/myuser/public_html/wp-content/plugins/legitimate-plugin/*`) so you can ignore an entire trusted directory in one entry.

Be conservative with broad globs. Ignoring `/wp-content/uploads/*` would also ignore malware that landed there, which is a common upload-vulnerability target.

### Action Log

A timestamped trail of everything Imunify360 has done on your account: files quarantined, files cleaned, IPs banned, scans started and finished. Useful when something on your account stops working and you want to see if Imunify intervened.

## What runs in the background

A few Imunify360 features don't surface as tabs on the user side; they just work:

* **Real-time on-upload scanning.** Every file written to disk (FTP, SFTP, File Manager, plugin install) is scanned before it lands.
* **Web Application Firewall extensions.** Imunify360 augments [ModSecurity](/web-hosting/cpanel/security-settings/modsecurity) with its own rule list and IP reputation feed.
* **Proactive Defense.** PHP runtime hardening that catches malicious code patterns at execution time, even when the file itself isn't flagged.
* **IP reputation.** Server-wide block list shared across the Imunify360 fleet. An IP that's actively attacking other accounts is blocked on yours before it tries.

These don't have user-side toggles. If something genuine is being blocked, open a ticket with the source IP or the request details and we'll review.

## What you'll typically use this for

| Situation                                          | What to do                                                                                                                                                   |
| -------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| Imunify quarantined a file you know is legitimate  | Restore it, then add it to the Ignore List so it doesn't get flagged again.                                                                                  |
| You suspect malware but don't see anything flagged | Click **Scan** for an on-demand check. Open a ticket if you still suspect compromise.                                                                        |
| A real visitor is being blocked by the WAF         | Open a ticket with the visitor's IP and the URL they were trying to reach.                                                                                   |
| You see Action Log entries you don't recognize     | The path and timestamp tell you what was acted on. If it's a plugin or theme file, restore from backup; if it's a file you don't know, leave it quarantined. |

## What Vulnerability Protection (paid) adds

Imunify360 includes runtime hardening that catches common attack classes. The separate **Vulnerability Protection** add-on in [WP Toolkit](/web-hosting/cpanel/domain-management/wordpress-management/overview) adds virtual patching specifically for known WordPress plugin and theme CVEs, applying a patch in front of the vulnerable code without waiting for the upstream fix.

The two layers complement each other. Imunify360 alone is enough for most sites; high-traffic WordPress installs that can't keep every plugin updated benefit from adding Vulnerability Protection.

## Common issues

<AccordionGroup>
  <Accordion title="A legitimate file keeps getting quarantined">
    Imunify360's signatures occasionally match obfuscated-but-legitimate code (some premium themes, certain page builders). Restore the file, add the exact path to the Ignore List, and open a ticket with the file path, we'll forward the false-positive sample upstream so the signature gets refined.
  </Accordion>

  <Accordion title="My site is timing out and I think Imunify is blocking it">
    Check the [Action Log](#action-log) for IPs banned around the time the timeouts started. If the visitor's IP is listed, they were blocked. Open a ticket with the IP and we'll review.
  </Accordion>

  <Accordion title="Scan is taking forever">
    First scans on a big account (lots of WordPress files, many themes, big media folder) can take 30 minutes or more. Subsequent scans are faster because of incremental checks. If a scan is genuinely stuck (no progress for an hour+), open a ticket.
  </Accordion>

  <Accordion title="I want to disable Imunify360 on my account">
    You can't turn it off from the cPanel side; it runs server-wide and protects every account. If a specific behavior is breaking your workflow, open a ticket and we can usually exempt the specific path or rule.
  </Accordion>
</AccordionGroup>

## Need a hand?

<CardGroup cols={2}>
  <Card title="Open a ticket" icon="life-ring" href="https://members.noxity.io/submitticket.php">
    Best for anything that needs an account check or a config change on our end.
  </Card>

  <Card title="Live chat" icon="messages" href="https://noxity.io/contact">
    Faster for quick questions during business hours.
  </Card>
</CardGroup>

<div className="mt-8">
  <Accordion title="Sources" icon="book-bookmark">
    * [Security Settings overview](/web-hosting/cpanel/security-settings/overview)
    * [ModSecurity (WAF)](/web-hosting/cpanel/security-settings/modsecurity)
    * [WP Toolkit + Vulnerability Protection](/web-hosting/cpanel/domain-management/wordpress-management/overview)
    * [Imunify360 vendor docs ↗](https://docs.imunify360.com/)
  </Accordion>
</div>