<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

How to forcibly enable Blamer for all users on the server

ForciblyEnableBlamer

Imunify360 team decided to work on some security shortages and eliminate them. It was a supported practice for web hosting clients, to manage their own security settings such as Proactive Defense.

For a regular user it was possible to switch off Blamer in cPanel through set of options:

 Settings → Proactive Defense → tick off Enable blamer

 

Such configuration resulted in stopping of Blamer events generation for this particular user. This will no longer be the case, because by our consideration this arrangement does not benefit overall security of the server since users could affect server security without being aware of doing so. The decision was made to make this setting manageable only by the server administrator.

What was changed?

  • The option to disable Blamer is now removed from the end user interface. Configuration itself, though, will stay intact - if the Blamer was already switched off by the user it will remain inactive. 
  • Server administrator will be notified via dashboard notifications about Blamer being switched off for the users who decided to do so. 
  • Administrator has an opportunity to go ahead and fix the security gap by switching the Blamer on for said users through an option available in the global configuration panel.
    As another option to control these settings for an administrator there is a separate configuration file for each user in /etc/imunify360/user_config/.

Secure Blamer configuration

To forcibly enable Blamer for all user сonfigs on the server - execute the following command:

for i in $(ls /etc/imunify360/user_config/*/imunify360.config); do sed -i '/blamer/c\ blamer: true' $i; done

To give the setting a "null" value, so that administrative settings will be inherited by all users:

for i in $(ls /etc/imunify360/user_config/*/imunify360.config); do sed -i '/blamer/c\ blamer: null' $i; done

To backup each user config and forcibly switch Blamer on:

for i in $(ls /etc/imunify360/user_config/*/imunify360.config); do cp -p $i{,.backup}; sed -i '/blamer/c\ blamer: true' $i; done

Alternatively - use the following script:

for username in $(ls /etc/imunify360/user_config); do
if grep -q 'blamer:\s*false'
"/etc/imunify360/user_config/$username/imunify360.config"; then

echo "updating $username";
imunify360-agent config update --json --user "$username"
'{"PROACTIVE_DEFENCE": {"blamer": null}}';

fi
done

How to forcibly enable Blamer for all users on the server

ForciblyEnableBlamer

Imunify360 team decided to work on some security shortages and eliminate them. It was a supported practice for web hosting clients, to manage their own security settings such as Proactive Defense.

For a regular user it was possible to switch off Blamer in cPanel through set of options:

 Settings → Proactive Defense → tick off Enable blamer

 

Such configuration resulted in stopping of Blamer events generation for this particular user. This will no longer be the case, because by our consideration this arrangement does not benefit overall security of the server since users could affect server security without being aware of doing so. The decision was made to make this setting manageable only by the server administrator.

What was changed?

  • The option to disable Blamer is now removed from the end user interface. Configuration itself, though, will stay intact - if the Blamer was already switched off by the user it will remain inactive. 
  • Server administrator will be notified via dashboard notifications about Blamer being switched off for the users who decided to do so. 
  • Administrator has an opportunity to go ahead and fix the security gap by switching the Blamer on for said users through an option available in the global configuration panel.
    As another option to control these settings for an administrator there is a separate configuration file for each user in /etc/imunify360/user_config/.

Secure Blamer configuration

To forcibly enable Blamer for all user сonfigs on the server - execute the following command:

for i in $(ls /etc/imunify360/user_config/*/imunify360.config); do sed -i '/blamer/c\ blamer: true' $i; done

To give the setting a "null" value, so that administrative settings will be inherited by all users:

for i in $(ls /etc/imunify360/user_config/*/imunify360.config); do sed -i '/blamer/c\ blamer: null' $i; done

To backup each user config and forcibly switch Blamer on:

for i in $(ls /etc/imunify360/user_config/*/imunify360.config); do cp -p $i{,.backup}; sed -i '/blamer/c\ blamer: true' $i; done

Alternatively - use the following script:

for username in $(ls /etc/imunify360/user_config); do
if grep -q 'blamer:\s*false'
"/etc/imunify360/user_config/$username/imunify360.config"; then

echo "updating $username";
imunify360-agent config update --json --user "$username"
'{"PROACTIVE_DEFENCE": {"blamer": null}}';

fi
done
Subscribe to Imunify security Newsletter