Who writes and maintains the default WHM mod_sec rules?
I did search through these forums and I know where to find rules and documentation to make my own rule set; however, in the mean time, I would like to know if these WHM default rules are modsecurity.org's core rules or rules completely put together by cpanel?
Do the default rules change when you update from modsecurity 1.x to 2.x in easapache, so that the rules are still compatible? Are they updated any other time?
We use a subset of the rules that are provided by the mod_security team. The subset is/was selected by testing the default rules provided against the procuct ( cPanel ) as well as some of the third party software provided ( e.g. wordpress ). Rules that cause a problem are dropped. Only rules that do not cause an issue are provided by our installation of mod_security.
I believe the rule definition changed between mod_security 1 and 2, but the end result should be the same.
The rules are only updated when updating mod_security.
There is support in place for providing your own rules, which are generally preserved across mod_security updates ( a warning might be issued when changing major versions ). These of course are updated whenever you opt to change them.
LinkBack URL
About LinkBacks
Reply With Quote
