The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Configure cPanel's Mod Security with Atomic Corp Rules

Discussion in 'Security' started by ukhost4u, Jun 30, 2012.

  1. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    Hello.

    We have recently found the default rules of Mod Security which ships with cPanel to be very poor and not provide a good level of security.

    As such we have been trying for a while to find a good way to way to use more advanced rules and as we never found any good guide to this so we decided to build our own.

    I wanted to post a link here as I think this will be a very useful guide and help people wanting to add extra security to there WHM / cPanel server.


    Configuring cPanel ModSecurity with Atomic ModSecurity Rules | UKHost4u Blog

    I am more than happy for people to use this information or provide this link to other people who might find this useful.

    UK Web Hosting | Dedicated server & VPS hosting | UKHost4u
     
  2. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    132
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thank you for the great guide!

    How do I modify the modsec2.user.conf file when adding the content to the file?

    This one here:
    Code:
    SecPcreMatchLimit 50000
     SecPcreMatchLimitRecursion 50000
     SecRequestBodyAccess On
     SecResponseBodyAccess On
     SecResponseBodyMimeType (null) text/html text/plain text/xml
     SecResponseBodyLimit 220621440
     SecServerSignature Apache
     SecUploadDir /var/asl/data/suspicious
     SecUploadKeepFiles Off
     SecAuditLogParts ABIFHZ
     SecArgumentSeparator "&"
     SecCookieFormat 0
     SecRequestBodyLimit 220621440
     SecRequestBodyInMemoryLimit 220621440
     LimitRequestBody 0
     LimitRequestBody 25097152
     SecDataDir /var/asl/data/msa
     SecTmpDir /tmp
     SecAuditLogStorageDir /var/asl/data/audit
     SecResponseBodyLimitAction ProcessPartial
     # ConfigServer ModSecurity whitelist file
     Include /usr/local/apache/conf/modsec2.whitelist.conf
    # ASL/GOTROOT Rules
     Include /usr/local/apache/conf/modsec_rules/*asl*.conf
     
    #2 Archmactrix, Jul 3, 2012
    Last edited: Jul 3, 2012
  3. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    Hello.

    The easiest way to do this would be in WHM under -> Plugins -> Mod Security

    I would suggest restarting Apache after doing this to make sure the configuration works.
     
  4. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    132
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Thank you for the reply!

    I meant how should I add these lines to the modsec2.user.conf.

    Should I add the lines together with existing lines, or should I remove them before adding the new lines? :eek:

    If I should add them together with existing lines, where should I add them?
     
  5. ukhost4u

    ukhost4u Active Member
    PartnerNOC

    Joined:
    Apr 24, 2003
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    Hello.

    Sorry I maybe didn't understand your question. You want to replace the current content with these lines, as you don't need to use the default configuration any more.
     
  6. Archmactrix

    Archmactrix Well-Known Member

    Joined:
    Jan 20, 2012
    Messages:
    132
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Ok, thank you very much for the help.
     
  7. AmirolAhmad

    AmirolAhmad Member

    Joined:
    Aug 6, 2012
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thank you so much!! Will try it now..looking for this for a long long time ago :)

    Will give you hit after installation
     
Loading...

Share This Page