Hi Yulian,

Your IP is expected to be auto-whitelisted for 24hrs when you pass the captcha. You also might have a dynamic IP that changes too often. Please contact our support -

to help us with finding out how your issue can be resolved.

Yulian,

> I cant login to my own blog without clicking capctha 3 times! The worst is, I neve succeed to change my store logo because of this imunify360 ask for captcha with no solution even Ive clicked it! Is it a virus?

This appears to be a bug, as far default behavior is to add your IP to whitelist for 24 hours, when you pass the captcha for the first time. Please help us with finding the problem details -

- Try to change store logo just as you described in your post.
- Reply this post with adding your IP address or tell us whether you use dynamic IP.
- Run `imunify360-agent doctor` command and reply this post with the output.

Look, guys, immunify 360 is doing a LOT OF DAMAGE monetarily ! I am an affiliate marketeer and I MUST send traffic to several advertisers (several hundreds actually), through my traffic distribution/ third party tracker system. All was fine before my hosting provider (rackforest) installed immunify 360, but since then, a lot of my affiliate traffic FOR WHICH I AM PAYING IMPORTANT SUMS OF MONEY TO FACEBOOK AND ADWORDS, is lost ! Ive seen this several times, it happened to me too, and it happened to customers of mine whom I happen to know personally, upon clicking on a facebook or adwords ad that shouldve redirected in less then a second, to an advertisers site, is BLOCKED by immunify 360 and asked to validate and then 5 seconds are wasted before the redirect. This is not good ! I cant talk my hosting provider out of using it, and I cant find a way to block it / stop using it on a cpanel-account or at least whm level ! This stupid module is LOOSING ME AND OTHER AFFILIATE MARKETEERS MONEY !!! So you need to either improve it, in order for it to NOT CONSIDER REDIRECTS as "suspicious activity", and / or give us the ability to restrict / disable its use on a whm / cpanel account level. Would you like me or others like myself, whom youve wronged this way, to ask you for compensations for the money we are losing because of it ? Didnt think so. I am very, very sad, and disappointed that immunify 360 does this to our businesses. How would you feel if some third-party company made you loose money, like you are making us loose it ? Not good, I presume.

It is sad to hear that Imunify360 appears to be such an issue for your business. Unfortunately, there is no so much info for us to figure out what went wrong, from your post.

Could you sent us test samples or describe use cases that do not work anymore for you or your client?

Could you provides us by url breakdown how Imunify360 has affected your affiliates traffic since activation?

In the meantime, there is option to disable Imunify360 for a specific domain. That is something that shall work for you.

Please contact your provider and ask for the next settings to be applied via Imunify360 cli -

and please repeat the same command for your domain aliases.

Imunify360 Nginx captcha feature must be ON for whitelisted domains to function. Checking the feature status in Imunify360 cli -

Install Nginx captcha (if needed) -

Kind regards,
Oleksiy Shchkin
Imunify360 developer

It would be almost irrelevant for me to give specifics about specific advertisers, but I can give you a sample as you say, about how this has affected me. I dont know if you are familiar with how affiliate marketing works, from what you asked me, it seems you are not.
So there are affiliate networks like 2performant.com, shareasale.com. peerfly.com, adcombo.com, etc., in which you as an affiliate (well, me in this case) are given access to creatives (banners, links, etc) that you can advertise on social media, adwords, facebook, etc., and if someone clicks on your ads, and gets to the advertiser through your link, you get a comission for the purchases they make.

In order for this to function, and in order to have the best possible stats, a visitor has to go through a "funnel", which can consist of several potential redirects, such as: facebook -> 3rd party tracker (traffic distribution system and private analytics) -> affiliate network -> final advertiser.

Lets just say that since my hosting provider has installed immunify 360, my mobile traffic has remained constant if I look at facebooks stats, BUT HAS NOT REACHED MY TRACKER AND HAS NOT REACHED THE NETWORK AND ADVERTISERS in the same quota. Because the moment they come from the ad networks (facebook ads, adwords, etc), THOSE NETWORKS THEMSELVES sometimes send the visit through their own tracking BEFORE reaching the private / 3rd party tracker, and then immunify blocks them, and they dont even get to the network that should send it further to the actual advertisers site.

This means, I pay for a click, for which adwords/facebook etc does actually provide me with a visitor, but that visitor DOES NOT GET to the destination they should get to, because they get stopped at the tracker/tds.

In august, just in the network 2performant.com, I had an almost 2x higher CTR (click-through rate), from the same amount of advertising, then in september / october / and ever since. That is, my hosting provider installed immunify around september, and I sent the first request to them, to stop immunify on my domains, immediately, because I noticed the drop in traffic.

And I dont only work with 2performant, but several other networks as well. Ive attached some samples with the decrease. I think its obvious from just comparing august 2017 to sept. 2017 what the result was.

And then theres the fact, that I, the administrator of that traffic distribution system, CANNOT EVEN LOGIN sometimes, neither from mobile, nor from desktop/laptop (Ive attached a screenshot), because after a few minutes of inactivity, or if my mobile IP changes, or if my local IP changes - which it will, since Im on a dynamically allocated IP - I will have to again and again confirm a captcha.

Ive seen in the forum here, that you stated, that an IP address should be whitelisted once theyve confirmed a captcha. That just doesnt make sense, we are living in a mobile world, and a routable IP address could belong to 10.000 different mobile phones during one single day, so its even possible that the person who confirmed the captcha from a routable IP address of a mobile net provider, is not the same person / same mobile, who because of this whitelisting, will get access. On the contrary, the next person using that same routable IP address, could be the malicious actor against whom the immunify suite should protect me from.

So... Im urging you, please reconsider how your suite is detecting what is suspicios and what is not, and give hosting providers a cpanel-level possibility to simply turn it off. I manage several sites, for several companies (WHM account) and Im telling you, both as a programmer and 30years-experienced IT support man myself, and as a customer of your customers (the hosting providers) , this is NOT an acceptable state of things. You need to improve this product a lot, in which endeavor I do wish you success.

If you want to test it yourself, please give me a direct e-mail address and I will give you banner rotators, and links from ads, that trigger this bad behavior, so I wont advertise needlessly my tracker links here.

Thank you

> Lets just say that since my hosting provider has installed immunify 360, my mobile traffic has remained constant if I look at facebooks stats, BUT HAS NOT REACHED MY TRACKER AND HAS NOT REACHED THE NETWORK AND ADVERTISERS in the same quota. Because the moment they come from the ad networks (facebook ads, adwords, etc), THOSE NETWORKS THEMSELVES sometimes send the visit through their own tracking BEFORE reaching the private / 3rd party tracker, and then immunify blocks them, and they dont even get to the network that should send it further to the actual advertisers site.

Please provide us with list of trackers you use and we will find out if that network has static ip range so we can use it for imunify static whitelist.

> Ive attached some samples with the decrease. I think its obvious from just comparing august 2017 to sept. 2017 what the result was.

As for those charts I see ConverstionRate% dropped 1.7x times. You were right on I am not familiar with how affiliate marketing works and I would like to kindly request you to email me (imunify-dev@cloudlinux.com) with concrete samples (urls and redirect sequence) those might got broken in September.

> And then theres the fact, that I, the administrator of that traffic distribution system, CANNOT EVEN LOGIN sometimes, neither from mobile, nor from desktop/laptop (Ive attached a screenshot), because after a few minutes of inactivity, or if my mobile IP changes, or if my local IP changes - which it will, since Im on a dynamically allocated IP - I will have to again and again confirm a captcha.
>
> Ive seen in the forum here, that you stated, that an IP address should be whitelisted once theyve confirmed a captcha. That just doesnt make sense, we are living in a mobile world, and a routable IP address could belong to 10.000 different mobile phones during one single day, so its even possible that the person who confirmed the captcha from a routable IP address of a mobile net provider, is not the same person / same mobile, who because of this whitelisting, will get access.

That is a known issue and feature "whitelist by client id" is going to be delivered in Q2 as the fix.

Kind regards,
Oleksiy Shchkin
Imunify360 developer