The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Change to OFF the ModSecurity on by default in new sites

Discussion in 'Security' started by Facundo, Sep 18, 2015.

  1. Facundo

    Facundo Member

    Joined:
    Sep 8, 2009
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Hello!
    I want to change by default that all new sites, domains or subdomains created in WHM/cPanel start with Mod Security ON, to OFF.
    I don't want to disable ModSecurity from the server, just to that new function start disabled, and then if the user like, they can enabled in their cPanel

    As an extra, i want to know how to disable ModSecurity by command line, SQL or whatever for a single user/account.

    Thanks,
    Facundo
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. Facundo

    Facundo Member

    Joined:
    Sep 8, 2009
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Thank you Michael, i don't know that plugin.
    Anyway, my problem continues... i need to manualy disable a lot of domains (3/4 clicks for each account!) and all new ones. Nobody know how can i do this in an efficient way?
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    There are no native options that allow you to disable Mod_Security for all domain names at once. The manual method of doing this is by modifying the Apache include file for each domain name. The plugin referenced in my last response is likely the easiest way to do this:

    http://www.configserver.com/cp/cmc.html

    Thank you.
     
  5. Facundo

    Facundo Member

    Joined:
    Sep 8, 2009
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    If ther isnt' a native option, i want to make it for my own... please help me with this:
    From where (or where is stored) the cPanel take the information for know if the ModSecurity is on or off? Because if i edit the httpd.conf, cPanel ¿database? don't know the changes

    May be with that, i can create a custom (beggining) template for all new domains or sub-domains to start with ModSec OFF
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Here are the steps you can take to disable Mod_Security for an individual account through the command line:

    1. Create a directory for the domain you want to exclude:

    Code:
    mkdir -p /usr/local/apache/conf/userdata/std/2/USERNAME/DOMAIN.TLD
    2. Create a mod_security conf file:

    Code:
    touch /usr/local/apache/conf/userdata/std/2/USERNAME/DOMAIN.TLD/mod_security.conf
    3. Add the following line in that file:

    Code:
    SecRuleEngine Off
    4. Save the file and then run:

    Code:
    /scripts/ensure_vhost_includes --user=USERNAME
    Thank you.
     
  7. Facundo

    Facundo Member

    Joined:
    Sep 8, 2009
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Great advance, thans a lot! :)

    I can resolve part of my problems with a customization that not will not reflected in cPanels, but is almost something;)
     
Loading...

Share This Page