The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Configure cPanel's Mod Security with Atomic Corp Rules

Discussion in 'Security' started by ukhost4u, Jun 30, 2012.

  1. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    We have recently found the default rules of Mod Security which ships with cPanel to be very poor and not provide a good level of security.

    As such we have been trying for a while to find a good way to way to use more advanced rules and as we never found any good guide to this so we decided to build our own.

    I wanted to post a link here as I think this will be a very useful guide and help people wanting to add extra security to there WHM / cPanel server.


    Configuring cPanel ModSecurity with Atomic ModSecurity Rules | UKHost4u Blog

    I am more than happy for people to use this information or provide this link to other people who might find this useful.

    UK Web Hosting | Dedicated server & VPS hosting | UKHost4u
     
    #1 ukhost4u, Jun 30, 2012
  2. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    133
    Likes Received:
    0
    Trophy Points:
    66
    cPanel Access Level:
    Root Administrator
    Thank you for the great guide!

    How do I modify the modsec2.user.conf file when adding the content to the file?

    This one here:
    Code:
    SecPcreMatchLimit 50000
 SecPcreMatchLimitRecursion 50000
 SecRequestBodyAccess On
 SecResponseBodyAccess On
 SecResponseBodyMimeType (null) text/html text/plain text/xml
 SecResponseBodyLimit 220621440
 SecServerSignature Apache
 SecUploadDir /var/asl/data/suspicious
 SecUploadKeepFiles Off
 SecAuditLogParts ABIFHZ
 SecArgumentSeparator "&"
 SecCookieFormat 0
 SecRequestBodyLimit 220621440
 SecRequestBodyInMemoryLimit 220621440
 LimitRequestBody 0
 LimitRequestBody 25097152
 SecDataDir /var/asl/data/msa
 SecTmpDir /tmp
 SecAuditLogStorageDir /var/asl/data/audit
 SecResponseBodyLimitAction ProcessPartial
 # ConfigServer ModSecurity whitelist file
 Include /usr/local/apache/conf/modsec2.whitelist.conf
# ASL/GOTROOT Rules
 Include /usr/local/apache/conf/modsec_rules/*asl*.conf
     
    #2 Archmactrix, Jul 3, 2012
    Last edited: Jul 3, 2012
  3. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    The easiest way to do this would be in WHM under -> Plugins -> Mod Security

    I would suggest restarting Apache after doing this to make sure the configuration works.
     
    #3 ukhost4u, Jul 4, 2012
  4. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    133
    Likes Received:
    0
    Trophy Points:
    66
    cPanel Access Level:
    Root Administrator
    Thank you for the reply!

    I meant how should I add these lines to the modsec2.user.conf.

    Should I add the lines together with existing lines, or should I remove them before adding the new lines? :eek:

    If I should add them together with existing lines, where should I add them?
     
    #4 Archmactrix, Jul 4, 2012
  5. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    Sorry I maybe didn't understand your question. You want to replace the current content with these lines, as you don't need to use the default configuration any more.
     
    #5 ukhost4u, Jul 4, 2012
  6. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    133
    Likes Received:
    0
    Trophy Points:
    66
    cPanel Access Level:
    Root Administrator
    Ok, thank you very much for the help.
     
    #6 Archmactrix, Jul 4, 2012
  7. AmirolAhmad

    AmirolAhmad Member

    Joined:
    Aug 6, 2012
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thank you so much!! Will try it now..looking for this for a long long time ago :)

    Will give you hit after installation
     
    #7 AmirolAhmad, Aug 6, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - Configure cPanel's Security
  1. bosprickly

    Using cPanel to configure VPS for Joomla 3.7x and PHP 7.1

    bosprickly, Aug 12, 2017 at 6:05 PM, in forum: General Discussion
    Replies:
    1
    Views:
    40
    cPanelMichael
    Aug 14, 2017 at 12:16 PM
  2. Milance

    Configured PHP version ea-php70 does not have a CGI binary installed

    Milance, Jul 13, 2017, in forum: CloudLinux
    Replies:
    22
    Views:
    1,311
    cPanelMichael
    Aug 9, 2017
  3. George23

    How to configure a filter for blind copy from one domain user to another one?

    George23, Jun 28, 2017, in forum: E-mail Discussions
    Replies:
    3
    Views:
    112
    cPanelMichael
    Jun 30, 2017
  4. PeteS

    Unable to configure shared IPv6

    PeteS, Jun 19, 2017, in forum: Bind / DNS / Nameserver Issues
    Replies:
    6
    Views:
    191
    cPanelMichael
    Jun 20, 2017
  5. Jafar Muhammed

    How to configure mod_proxy on cPanel

    Jafar Muhammed, May 17, 2017, in forum: EasyApache
    Replies:
    2
    Views:
    207
    cPanelMichael
    May 23, 2017

Share This Page