Imunify360 team decided to work on some security shortages and eliminate them. It was a supported practice for web hosting clients, to manage their own security settings such as Proactive Defense.
For a regular user it was possible to switch off Blamer in cPanel through set of options:
Settings → Proactive Defense → tick off Enable blamer.
Such configuration resulted in stopping of Blamer events generation for this particular user. This will no longer be the case, because by our consideration this arrangement does not benefit overall security of the server since users could affect server security without being aware of doing so. The decision was made to make this setting manageable only by the server administrator.
To forcibly enable Blamer for all user сonfigs on the server - execute the following command:
for i in $(ls /etc/imunify360/user_config/*/imunify360.config); do sed -i '/blamer/c\ blamer: true' $i; done
To give the setting a "null" value, so that administrative settings will be inherited by all users:
for i in $(ls /etc/imunify360/user_config/*/imunify360.config); do sed -i '/blamer/c\ blamer: null' $i; done
To backup each user config and forcibly switch Blamer on:
for i in $(ls /etc/imunify360/user_config/*/imunify360.config); do cp -p $i{,.backup}; sed -i '/blamer/c\ blamer: true' $i; done
Alternatively - use the following script:
for username in $(ls /etc/imunify360/user_config); do
if grep -q 'blamer:\s*false'
"/etc/imunify360/user_config/$username/imunify360.config"; then
echo "updating $username";
imunify360-agent config update --json --user "$username"
'{"PROACTIVE_DEFENCE": {"blamer": null}}';
fi
done