Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Configure cPanel's Mod Security with Atomic Corp Rules

Discussion in 'Security' started by ukhost4u, Jun 30, 2012.

  1. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    We have recently found the default rules of Mod Security which ships with cPanel to be very poor and not provide a good level of security.

    As such we have been trying for a while to find a good way to way to use more advanced rules and as we never found any good guide to this so we decided to build our own.

    I wanted to post a link here as I think this will be a very useful guide and help people wanting to add extra security to there WHM / cPanel server.


    Configuring cPanel ModSecurity with Atomic ModSecurity Rules | UKHost4u Blog

    I am more than happy for people to use this information or provide this link to other people who might find this useful.

    UK Web Hosting | Dedicated server & VPS hosting | UKHost4u
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 ukhost4u, Jun 30, 2012
  2. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    138
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Thank you for the great guide!

    How do I modify the modsec2.user.conf file when adding the content to the file?

    This one here:
    Code:
    SecPcreMatchLimit 50000
 SecPcreMatchLimitRecursion 50000
 SecRequestBodyAccess On
 SecResponseBodyAccess On
 SecResponseBodyMimeType (null) text/html text/plain text/xml
 SecResponseBodyLimit 220621440
 SecServerSignature Apache
 SecUploadDir /var/asl/data/suspicious
 SecUploadKeepFiles Off
 SecAuditLogParts ABIFHZ
 SecArgumentSeparator "&"
 SecCookieFormat 0
 SecRequestBodyLimit 220621440
 SecRequestBodyInMemoryLimit 220621440
 LimitRequestBody 0
 LimitRequestBody 25097152
 SecDataDir /var/asl/data/msa
 SecTmpDir /tmp
 SecAuditLogStorageDir /var/asl/data/audit
 SecResponseBodyLimitAction ProcessPartial
 # ConfigServer ModSecurity whitelist file
 Include /usr/local/apache/conf/modsec2.whitelist.conf
# ASL/GOTROOT Rules
 Include /usr/local/apache/conf/modsec_rules/*asl*.conf
     
    #2 Archmactrix, Jul 3, 2012
    Last edited: Jul 3, 2012
  3. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    The easiest way to do this would be in WHM under -> Plugins -> Mod Security

    I would suggest restarting Apache after doing this to make sure the configuration works.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 ukhost4u, Jul 4, 2012
  4. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    138
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Thank you for the reply!

    I meant how should I add these lines to the modsec2.user.conf.

    Should I add the lines together with existing lines, or should I remove them before adding the new lines? :eek:

    If I should add them together with existing lines, where should I add them?
     
    #4 Archmactrix, Jul 4, 2012
  5. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    Sorry I maybe didn't understand your question. You want to replace the current content with these lines, as you don't need to use the default configuration any more.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 ukhost4u, Jul 4, 2012
  6. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    138
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Ok, thank you very much for the help.
     
    #6 Archmactrix, Jul 4, 2012
  7. AmirolAhmad

    AmirolAhmad Member

    Joined:
    Aug 6, 2012
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thank you so much!! Will try it now..looking for this for a long long time ago :)

    Will give you hit after installation
     
    #7 AmirolAhmad, Aug 6, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - Configure cPanel's Security
  1. rfc001

    Configure Web Disk Manually using IP

    rfc001, Sep 17, 2018 at 3:46 PM, in forum: General Discussion
    Replies:
    6
    Views:
    65
    rfc001
    Sep 18, 2018 at 2:08 PM
  2. aseptik

    Configure server to send and receive emails

    aseptik, Sep 11, 2018, in forum: E-mail Discussion
    Replies:
    1
    Views:
    79
    cPanelMichael
    Sep 12, 2018
  3. Amirhossein Matini

    Configure Background Process Killer from Command line

    Amirhossein Matini, Aug 9, 2018, in forum: Security
    Replies:
    2
    Views:
    87
    cPanelLauren
    Aug 13, 2018
  4. bloatedstoat

    SOLVED AutoSSL spews HTML when DNS configured for remote website

    bloatedstoat, Aug 7, 2018, in forum: Security
    Replies:
    2
    Views:
    82
    bloatedstoat
    Aug 9, 2018
  5. jimlongo

    SOLVED Error: ASL has not been configured

    jimlongo, Jul 4, 2018, in forum: Security
    Replies:
    4
    Views:
    394
    jimlongo
    Jul 5, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice