The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ConfigServer ModSec vs built in ModSecurity in 11.46 - new server setup

Discussion in 'Security' started by Mysticeti, Nov 10, 2014.

  1. Mysticeti

    Mysticeti Well-Known Member

    Joined:
    Sep 16, 2002
    Messages:
    45
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    Southern NH
    Assuming someone is starting fresh should the ConfigServer ModSec plugin be disabled when ModSecurity is turned on in 11.46?

    Will leaving both enabled cause issues?

    Thanks.
     
  2. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    132
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    I'm not answering your questions directly, but from my own experience at this time I can say that there is still great need having the ConfigServer ModSec plugin enabled if you want to have quick or easy access to the configuration files and many other settings.

    Viewing the log entries for example by using the ConfigServer ModSec plugin is more practical in my opinion.
     
    #2 Archmactrix, Nov 11, 2014
    Last edited: Nov 11, 2014
  3. Brian

    Brian Well-Known Member

    Joined:
    Dec 1, 2010
    Messages:
    117
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Texas
    cPanel Access Level:
    Root Administrator
    The cPanel ModSecurity interface through WHM is not mutually exclusive to using the ConfigServer ModSec plugin. You can effectively use both in tandem without causing ModSecurity errors/problems. However, as with anything, it generally is best to stick to using one or the other and not switch between them. But, using one of the other back and forth won't inherently break/destroy ModSecurity for the system.

    What you see in cPanel & WHM 11.46 is the first rollout of the improvements, with more the come (and improvements on what was released in 11.46) with the release of 11.48 in the future.

    I would encourage you and anyone else to post feature requests at cPanel Feature Requests if you'd like to see further additions/changes to the ModSecurity feature in cPanel.

    Along the lines of what I've typed above, I'd love to hear feedback through the cPanel Feature Requests site on what improvements could be made to make the feature more appealing. For instance, I'd like to hear more about what makes the ConfigServer ModSec plugin more practical to use for looking at log entries. This way I can see if any behaviors you like from there make sense to implement on the cPanel & WHM side of things.
     
  4. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    132
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    What I meant when I said that the log entries view was more practical in the ConfigServer ModSec plugin, was that you have a lot more data in view when you have clicked the expand button for the entry.

    But having said that, it might be questioned, if having more data in view is considered more practical if most of the data is not that helpful. It's just my preference and not very important.

    You have this log entry in ConfigServer ModSec plugin in view on 28 lines with 243 words and 1505 characters about the event so I like to think it's nice to have this data in your view even though most of it is not important.

    But I'm very pleased with the new ModSecurity Tools and the ModSecurity Configuration.
     
    #4 Archmactrix, Nov 11, 2014
    Last edited: Nov 11, 2014
  5. Mysticeti

    Mysticeti Well-Known Member

    Joined:
    Sep 16, 2002
    Messages:
    45
    Likes Received:
    2
    Trophy Points:
    8
    Location:
    Southern NH
    Thanks for the info guys. Much appreciated.
     
Loading...

Share This Page