Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Configure cPanel's Mod Security with Atomic Corp Rules

Discussion in 'Security' started by ukhost4u, Jun 30, 2012.

  1. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    We have recently found the default rules of Mod Security which ships with cPanel to be very poor and not provide a good level of security.

    As such we have been trying for a while to find a good way to way to use more advanced rules and as we never found any good guide to this so we decided to build our own.

    I wanted to post a link here as I think this will be a very useful guide and help people wanting to add extra security to there WHM / cPanel server.


    Configuring cPanel ModSecurity with Atomic ModSecurity Rules | UKHost4u Blog

    I am more than happy for people to use this information or provide this link to other people who might find this useful.

    UK Web Hosting | Dedicated server & VPS hosting | UKHost4u
     
    #1 ukhost4u, Jun 30, 2012
  2. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    138
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Thank you for the great guide!

    How do I modify the modsec2.user.conf file when adding the content to the file?

    This one here:
    Code:
    SecPcreMatchLimit 50000
 SecPcreMatchLimitRecursion 50000
 SecRequestBodyAccess On
 SecResponseBodyAccess On
 SecResponseBodyMimeType (null) text/html text/plain text/xml
 SecResponseBodyLimit 220621440
 SecServerSignature Apache
 SecUploadDir /var/asl/data/suspicious
 SecUploadKeepFiles Off
 SecAuditLogParts ABIFHZ
 SecArgumentSeparator "&"
 SecCookieFormat 0
 SecRequestBodyLimit 220621440
 SecRequestBodyInMemoryLimit 220621440
 LimitRequestBody 0
 LimitRequestBody 25097152
 SecDataDir /var/asl/data/msa
 SecTmpDir /tmp
 SecAuditLogStorageDir /var/asl/data/audit
 SecResponseBodyLimitAction ProcessPartial
 # ConfigServer ModSecurity whitelist file
 Include /usr/local/apache/conf/modsec2.whitelist.conf
# ASL/GOTROOT Rules
 Include /usr/local/apache/conf/modsec_rules/*asl*.conf
     
    #2 Archmactrix, Jul 3, 2012
    Last edited: Jul 3, 2012
  3. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    The easiest way to do this would be in WHM under -> Plugins -> Mod Security

    I would suggest restarting Apache after doing this to make sure the configuration works.
     
    #3 ukhost4u, Jul 4, 2012
  4. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    138
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Thank you for the reply!

    I meant how should I add these lines to the modsec2.user.conf.

    Should I add the lines together with existing lines, or should I remove them before adding the new lines? :eek:

    If I should add them together with existing lines, where should I add them?
     
    #4 Archmactrix, Jul 4, 2012
  5. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    Sorry I maybe didn't understand your question. You want to replace the current content with these lines, as you don't need to use the default configuration any more.
     
    #5 ukhost4u, Jul 4, 2012
  6. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    138
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Ok, thank you very much for the help.
     
    #6 Archmactrix, Jul 4, 2012
  7. AmirolAhmad

    AmirolAhmad Member

    Joined:
    Aug 6, 2012
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thank you so much!! Will try it now..looking for this for a long long time ago :)

    Will give you hit after installation
     
    #7 AmirolAhmad, Aug 6, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - Configure cPanel's Security
  1. John Manning

    Configure SpamAssassin to block outgoing form mail

    John Manning, Apr 13, 2018, in forum: E-mail Discussions
    Replies:
    11
    Views:
    121
    cPanelLauren
    Apr 13, 2018
  2. mtabo

    Can't configure email client with client domain name

    mtabo, Mar 23, 2018, in forum: E-mail Discussions
    Replies:
    2
    Views:
    92
    mtabo
    Mar 23, 2018
  3. PeteS

    Configure EXIM to handle all forwards locally

    PeteS, Mar 22, 2018, in forum: E-mail Discussions
    Replies:
    2
    Views:
    98
    PeteS
    Mar 22, 2018
  4. Rework

    Configure IP's Before Installing WHM?

    Rework, Mar 21, 2018, in forum: Bind / DNS / Nameserver Issues
    Replies:
    1
    Views:
    78
    cPanelMichael
    Mar 22, 2018
  5. Tusca

    Configure domains in new installation

    Tusca, Mar 16, 2018, in forum: Bind / DNS / Nameserver Issues
    Replies:
    4
    Views:
    122
    cPanelMichael
    Mar 19, 2018

Share This Page