Malware Protection
Malware blocked. Attacks filtered. Kernel patched live. On every plan.
Every 2MHost account ships with Imunify360, a six-layer security suite that scans for malware, blocks attacks at the firewall, and patches the OS while the server keeps running. Pre-configured. Always on. Most customers never have to touch it.
What's included
A security suite, not a "scanner you should buy".
Imunify360 runs four meaningful defenses on every account. Each one is the kind of thing other hosts charge $5 to $30 a month for; we include it on the $3.25/month plan.
Free. All packages. All hosted websites.
-
Malware scanner & auto-cleanup
Continuously scans every file written to your account. Infected files get cleaned or quarantined the moment they hit disk, before they get a chance to spread or get listed.
-
Application firewall (WAF)
Blocks SQL injection, XSS, and the other usual suspects at the request layer. Ambiguous traffic gets a Captcha challenge instead of an outright block, so false positives stay rare.
-
Proactive defense against zero-days
Detects malicious behavior in real time, not by signature. An exploit can be brand new and unknown to the world and still get stopped the moment it tries to do something destructive.
-
Live kernel patches (KernelCare)
Kernel security patches apply while the server is running. Vulnerability windows close in hours, not weeks, and the box never has to reboot.
Under the hood
Detect. Block. Restore.
The whole loop runs server-side, in milliseconds, against every file and every request that touches your account.
-
Detect
Continuous, behavior-aware scanning
File-system events trigger an incremental scan, so we never reread your whole disk. Signatures catch known malware; behavioral heuristics catch the rest.
-
Block
WAF + quarantine before damage lands
Malicious HTTP requests get Captcha-challenged or rejected at the firewall. Suspect files are moved to quarantine before they ever get loaded by your CMS.
-
Restore
You only hear about it if you need to
Cleanup happens silently. If a legitimate file gets flagged, the Imunify panel in cPanel lets you whitelist and restore it in one click. The filter remembers, so the same pattern doesn't recur.
Scope
-
Included on every plan, no tier upsell
-
Covers all domains and add-ons
-
Pre-configured, tunable in cPanel
-
On the moment your account spins up
FAQ
Common security questions.
Quick answers to what people usually ask before letting an automated security layer touch their site.
Is Imunify360 really included on every plan?
Yes. Every plan, from Starter at $3.25/month to Growth $15/mo. There's no "premium security" upsell here. The license cost gets absorbed into the same flat monthly price you signed up at.
Will it slow my site down?
No noticeable amount. Scanning runs on a low-priority queue and uses incremental file-system events, so we don't reread your whole disk on a schedule. WAF decisions happen at the network layer in sub-millisecond time. If your site feels slow, the bottleneck is almost always somewhere else.
What if a legitimate file gets flagged as malware?
It happens occasionally with bespoke or obscure code. You'll see it in the Imunify section in cPanel, click to restore it from quarantine, and add it to your whitelist. The filter remembers the whitelist, so the same file doesn't get flagged again.
What does Imunify360 not do?
It's a server-side security layer, not a complete protection stack. It doesn't replace HTTPS in transit (that's our free SSL, also included). It doesn't filter spam in your inbox (that's our spam filter). And it can't keep your CMS, themes, or plugins up to date for you.
Do I need to configure anything?
No. Default settings work for the overwhelming majority of sites. If you do want to tune it or review malware finds, the entire Imunify360 panel sits in cPanel under "Security". No separate dashboard.
Ready to host on a server that defends itself?
Hosting from $3.25/month. Imunify360 included.
Pricing-locked for life. 30-day money-back guarantee. Every account spins up with security already on.