Hi Oliver,
Thank you for posting. Here are the recommended steps and links. I hope this helps.
- Deny Ping/ICMP from Internet and Intranet
Ans : The default ping function should be disabled and you could try to ping the appliance internally see if it's successful, and below KB articles are for your reference about it.
https://docs.imperva.com/howto/96be137c
https://docs.imperva.com/howto/a068d155
- Allow only HTTPS access to WebUI and SSH only to CLI
Ans: http access is typically closed to the appliance - you can check this with the nmap tool and scan for open ports.
For SSH related, you may refer to below KB for your reference, you could disable the weak cipher to enhance the connection.
https://docs.imperva.com/howto/520a2ccf
- HTTP WebUI redirection
Ans: Upon checking, the appliance(MX) UI doesn't have a http redirection function, instead of it, users must use Https to reach the site for a more secure connection.
Thanks,