Hello Fabian,

I am sorry that you weren't able to find the information needed, it is possible that the issue is non-standard, though. Let my address your question and if there will be further inquiries, please ask.

1. Whenever Native feature control for cPanel is activated, a user with reseller’s role and View Reports plus Cleanup package permissions should be able to list the malware found and apply Cleanup action in the corresponding user’s directory only. Although, with the reseller role, the observed behaviour was confirmed. It is recommended to remove access to Imunify for resellers.

The root (or other users with root privileges) will be able to see the scan history of every user, while regular users, should not see all users’ scan results. Although Imunify service indeed is working under the root account, regular users are limited to scan paths only those that they have access to. As for the reseller user it is not expected to be able to list of all the domains hosted, and as of now the corresponding task to alter such a behaviour is considered a feature request.

Short side note, it is sometimes possible to list the previous user’s scan results if an account was renamed or ID was.

In general, cPanel's Native feature management allows you to predefine the package and set it for the user. The main benefit of using Native feature management is the possibility to control users with the cPanel packages. The Package allows switching between these three modes:

1. Not available,
2. View Reports-only
3. Reports and Cleanup.

With the last option switched on, a user should be able to see the list of detections and also Cleanup files. As such, for the usage of the Native feature management scenario, could you please check that the package defines permissions as View plus Cleanup and that the feature set for the reseller’s package includes Imunify plugin?

If both are in place the disappearance issue is not expected, although if the Imunify plugin feature was removed from the package, such a package will not allow the user to use the Imunify plugin’s UI and the user side UI might be hidden completely, include the feature to the plan and use:
to enable the UI.


2. Furthermore, there with both feature management systems there are per user permissions that can help to limit or grant access in a more granular way, and in this regard, the “feature av” parameter which is used for the Malware Cleanup possibility can be used as described in the article:


So with this global and override options in mind it is possible to allow the user, say “reseller” to run the scanner despite the global setting as per:

While to allow users to use scan globally:

Global configurations can be shown with:

The global preferences will not change per user permission. Although, those can be shown with:

and reassigned if needed:

The reseller still will be able to see all account, even if those do not belong to the account. Please, let us know if this can satisfy your needs.

Worth mentioning that user overriding preferences, there are options to give more granular control, e.g. deny all users access to ignore list, deny starting scans, and allow one user to override server-wide configuration set by an admin:

For example, regarding user_ignore_list parameter, a user can add detected files to ignore lists, provided the privilege is granted in the permissions section of the configuration file: