cPanel Tips: Troubleshooting the Imunify360 Agent

by

Troubleshooting the Imunify360 Agent

Understanding the Imunify360 Agent vs. imunify360-agent Command

For system administrators working with Imunify360, it is important to differentiate between the Imunify360 Agent as the core functionality of the security suite and the imunify360-agent command-line tool. The Imunify360 Agent is a service that runs continuously in the background, providing real-time security monitoring, malware scanning, and firewall protection. This service is managed by the systemd process under imunify360.service.

On the other hand, the imunify360-agent command is a user-accessible interface that allows administrators to interact with the agent, configure settings, perform malware scans, and manage firewall rules. While the agent is an essential component for Imunify360’s operation, the CLI tool provides control and troubleshooting capabilities.

Troubleshooting the Imunify360 Agent

If you suspect that the Imunify360 Agent is not functioning properly, follow these steps to diagnose and resolve issues.

1. Check the Service Status

To verify if the agent is running:

systemctl status imunify360

A working agent should show an active (running) status. If it is inactive, restart it:

systemctl restart imunify360

If the service fails to start, check the logs for errors:

tail -f /var/log/imunify360/agent.log

2. Verify Web Interface Functionality

  • Log in to WHM and navigate to Imunify360.
  • Ensure that security modules (firewall, malware scanner, proactive defense) are enabled.
  • Look for any alerts or error messages in the dashboard.

3. Check Active Network Connections

Imunify360 relies on ports 52223 and 52224 for cloud communication. Verify if these are open:

netstat -tulnp | grep 5222

If the ports are blocked, update firewall rules to allow them from localhost. Do not expose this ports.

4. Use the Built-in CLI Check

Run a self-check to identify potential issues:

imunify360-agent check

This will perform internal diagnostics and display recommendations for fixing issues.

5. Ensure the Agent is Up-to-Date

Imunify360 requires regular updates to maintain security efficacy. Check for updates with:

imunify360-agent update

Using the imunify360-agent Command for Troubleshooting

The imunify360-agent CLI tool provides direct control over various Imunify360 features. Below are common troubleshooting use cases:

1. Checking the Imunify360 Configuration

To review the current configuration:

imunify360-agent config show

To modify a setting, such as CPU usage for malware scanning:

imunify360-agent config update '{"MALWARE_SCAN_INTENSITY": {"cpu": 5}}'

2. Running an On-Demand Malware Scan

If you suspect malware infection, you can manually scan a specific directory:

imunify360-agent malware on-demand start --path /home/user/public_html

To check quarantined files:

imunify360-agent malware quarantine list

3. Managing Firewall Rules

If an IP is mistakenly blocked, you can remove it from the blacklist:

imunify360-agent ip-list delete <IP_ADDRESS> --list black

To whitelist a trusted IP:

imunify360-agent ip-list add <IP_ADDRESS> --list white --comment "Trusted IP"

References

  • Imunify360 CLI Commands – https://docs.imunify360.com/command_line_interface/
  • Imunify360 Official Documentation – https://docs.imunify360.com/
  • Firewall and Ports Information – https://docs.imunify360.com/firewall/