How to Boost WordPress Security with Imunify360, Firewall & WHM Backups

October 18, 2025 / WordPress

A WordPress site’s security becomes increasingly more important as it expands. Imunify360, firewall protection, vulnerability scanning, and off-site backups are all included in eukhost, so you can take proactive measures to prevent malware, intrusions, and data loss. You can configure and activate these tools for strong protection by following the steps in this article.

Protect Your Website Using Imunify360

Imunify360 is a comprehensive security suite integrated with WHM and cPanel. It uses advanced AI and real-time malware detection to protect your websites.

Steps:

  1. Log in to WHM.
  2. Navigate to Plugins > Imunify360.
    imunify360
  3. Review the Security ‘Dashboard’ for detected threats and recent events.
    dashboard
  4. Use the ‘Malware Scanner’ to perform a full server or cPanel account scan.
    malware scanner
  5. Go to the ‘Malware Cleanup’ section to delete or quarantine infected files.
  6. Enable ‘Proactive Defense’ to block malicious PHP scripts automatically.
    proactive defense
  7. Enable ‘Reputation Management’ to ensure your domains are not blacklisted.
    reputation management
    Tip: Imunify360 also highlights outdated WordPress installations, plugins, and themes. Always update them promptly to minimise vulnerabilities.

Configure and Use Firewall Protection (CSF)

The ConfigServer Security & Firewall (CSF) is a powerful firewall integrated within WHM. It filters incoming and outgoing traffic, blocks suspicious IPs, and monitors attacks.

Steps:

  1. Log in to WHM.
  2. Go to Plugins > ConfigServer Security & Firewall (CSF).
    configserver
  3. Verify that the Firewall Status shows ‘Enabled and Running.’
    firewall status
  4. To block a specific IP, click ‘Quick Deny’ and enter the IP address.
    quick deny
  5. To whitelist a trusted IP, use ‘Quick Allow’ and enter your IP (e.g., your office or home).
    quick allow
  6. To monitor blocked connections, view ‘Temporary Allow/Deny’ IPs under the firewall options.
    temperory allow/deny
  7. Enable Country Blocking if attacks originate from certain regions.
    allow selected
    Tip: Avoid blocking large IP ranges unless necessary. Misconfiguration can prevent legitimate users or administrators from accessing the server.

Secure Data with Offsite Backups

Offsite backups are important for disaster recovery. Storing backups remotely protects against ransomware, accidental deletions, or hardware failures.

Steps:

  1. In WHM, go to ‘Backup Configuration’.
    backup configuration
  2. Set ‘Backup Status’ to Enabled.
    enable backups
  3. Choose a Backup Destination such as:
    • Remote FTP/SFTP Server
    • Amazon S3
    • Google Drive
    • Remote Backup Space provided by your host
      backup configuration
  4. Define your Backup Schedule (daily, weekly, or monthly).
    scheduling
  5. Include Account Files, Databases, and Email Forwarders.
    files>backup
  6. Click ‘Save Configuration’.
    save configuration
  7. Test backup restoration periodically to verify file integrity.
    Tip: Keep at least 7–14 days of backup retention for better recovery flexibility.

Additional Security Recommendations

  • Install and enforce SSL (HTTPS) on all sites.
  • Enable Two-Factor Authentication (2FA) in cPanel.
  • Use strong passwords for WordPress and MySQL databases.
  • Disable XML-RPC if not required.
  • Regularly update WordPress core, themes, and plugins.
  • Limit login attempts and use CAPTCHA on WordPress login pages.

This way, by combining Imunify360, CSF Firewall, and Offsite Backups, you establish a strong, covered defense strategy for your WordPress hosting environment.
This setup ensures continuous protection against malware, unauthorised access, and data loss, keeping your websites and clients secure.

However, if you face any difficulty in this process, feel free to contact our support staff.

Enhance your server protection further – learn How to install Imunify360

Spread the love