Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Configure cPanel's Mod Security with Atomic Corp Rules

Discussion in 'Security' started by ukhost4u, Jun 30, 2012.

  1. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    We have recently found the default rules of Mod Security which ships with cPanel to be very poor and not provide a good level of security.

    As such we have been trying for a while to find a good way to way to use more advanced rules and as we never found any good guide to this so we decided to build our own.

    I wanted to post a link here as I think this will be a very useful guide and help people wanting to add extra security to there WHM / cPanel server.


    Configuring cPanel ModSecurity with Atomic ModSecurity Rules | UKHost4u Blog

    I am more than happy for people to use this information or provide this link to other people who might find this useful.

    UK Web Hosting | Dedicated server & VPS hosting | UKHost4u
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 ukhost4u, Jun 30, 2012
  2. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    138
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Thank you for the great guide!

    How do I modify the modsec2.user.conf file when adding the content to the file?

    This one here:
    Code:
    SecPcreMatchLimit 50000
 SecPcreMatchLimitRecursion 50000
 SecRequestBodyAccess On
 SecResponseBodyAccess On
 SecResponseBodyMimeType (null) text/html text/plain text/xml
 SecResponseBodyLimit 220621440
 SecServerSignature Apache
 SecUploadDir /var/asl/data/suspicious
 SecUploadKeepFiles Off
 SecAuditLogParts ABIFHZ
 SecArgumentSeparator "&"
 SecCookieFormat 0
 SecRequestBodyLimit 220621440
 SecRequestBodyInMemoryLimit 220621440
 LimitRequestBody 0
 LimitRequestBody 25097152
 SecDataDir /var/asl/data/msa
 SecTmpDir /tmp
 SecAuditLogStorageDir /var/asl/data/audit
 SecResponseBodyLimitAction ProcessPartial
 # ConfigServer ModSecurity whitelist file
 Include /usr/local/apache/conf/modsec2.whitelist.conf
# ASL/GOTROOT Rules
 Include /usr/local/apache/conf/modsec_rules/*asl*.conf
     
    #2 Archmactrix, Jul 3, 2012
    Last edited: Jul 3, 2012
  3. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    The easiest way to do this would be in WHM under -> Plugins -> Mod Security

    I would suggest restarting Apache after doing this to make sure the configuration works.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 ukhost4u, Jul 4, 2012
  4. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    138
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Thank you for the reply!

    I meant how should I add these lines to the modsec2.user.conf.

    Should I add the lines together with existing lines, or should I remove them before adding the new lines? :eek:

    If I should add them together with existing lines, where should I add them?
     
    #4 Archmactrix, Jul 4, 2012
  5. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    156
    Hello.

    Sorry I maybe didn't understand your question. You want to replace the current content with these lines, as you don't need to use the default configuration any more.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #5 ukhost4u, Jul 4, 2012
  6. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    138
    Likes Received:
    2
    Trophy Points:
    68
    cPanel Access Level:
    Root Administrator
    Ok, thank you very much for the help.
     
    #6 Archmactrix, Jul 4, 2012
  7. AmirolAhmad

    AmirolAhmad Member

    Joined:
    Aug 6, 2012
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thank you so much!! Will try it now..looking for this for a long long time ago :)

    Will give you hit after installation
     
    #7 AmirolAhmad, Aug 6, 2012
(You must log in or sign up to post here.)
Loading...
Similar Threads - Configure cPanel's Security
  1. Mustafa Chapal

    Configure Exim to Send Email From a Subaccount

    Mustafa Chapal, Nov 1, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    89
    cPanelMichael
    Nov 5, 2018
  2. Nurs1927

    Configure mod_remoteip for Cloudflare?

    Nurs1927, Oct 23, 2018, in forum: General Discussion
    Replies:
    9
    Views:
    187
    cPanelLauren
    Nov 6, 2018
  3. SamL

    SOLVED [CPANEL-22560] AutoSSL Warning - Skipping duplicate domains (misconfigured?)

    SamL, Oct 18, 2018, in forum: Security
    Replies:
    1
    Views:
    148
    cPanelFelipe
    Oct 19, 2018
  4. Dedan Irungu

    How to Configure many servers to work as one?

    Dedan Irungu, Oct 8, 2018, in forum: General Discussion
    Replies:
    1
    Views:
    97
    cPanelLauren
    Oct 9, 2018
  5. Nurs1927

    Properly configure PHP7.2 with PHP-FPM On?

    Nurs1927, Oct 7, 2018, in forum: EasyApache
    Replies:
    9
    Views:
    204
    cPanelLauren
    Oct 9, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice