About mod_security

[luigidelgado]

Hi. Im having trouble configuring Mod_security...

I know it is installed in Cpanel... But it has limited Security Rules... went to Mod Security site and finished in this link below which is sort of confusing:

http://www.atomicorp.com/wiki/index...._not_using_ASL


confusing because I followed the install process (to reinstall Mod Security) but I got stuck at Step 4:

chown nobody.nobody /var/asl/data/msa
chown nobody.nobody /var/asl/data/audit
chown nobody.nobody /var/asl/data/suspicious
chmod o-rx -R /var/asl/data/*

the directory doesn't even exist... obviously as the title of the document is "CPANEL_users_not_using_ASL"

Has anybody succesfully set up the rules from Atomic?

[cPanelTristan]

Please note that Atomic has its own support forum at the following location:

atomicorp.com • Index page

Since these rules are outside the cPanel provided mod_security configuration, you'd probably find the best results asking this question at their forum.

[LinuxTechie]

Hello,

You can download the mod security rules from the below given URL :

http://www.gotroot.com/downloads/ftp...y/2.0/apache2/

[InterServed]

Hello,

You can download the mod security rules from the below given URL :

http://www.gotroot.com/downloads/ftp...y/2.0/apache2/

Those are very outdated .... use the following link instead:
Atomicorp

[LinuxTechie]

Hey !

Thanks for the link. I will recheck with the rules!

[k-planethost]

Those are very outdated .... use the following link instead:
Atomicorp

how can you update the default mod sec that comes with cpanel according to the info that you provide on this link?

[Infopro]

Unless you are using some sort of update script, you would refresh the files manually. It's not too awful tough.

Short of that, a closer look at the same website provides these details for you:
AtomiCorp - Product Comparisons