Enable gui for user to override modsec rules?

jjozwik

cPanel Access Level
Root Administrator
Is there a GUI or method already for end users to override or append a modsec rule for just their account? I can see they can turn off modsec for domains, but I was looking for a place to override specific rules required for applications.
 

quizknows

cPanel Access Level
DataCenter Provider
Jeremy,

jjozwik referenced that in his first post. Yes, there is a way for users to disable modsec entirely, but the domain manager does not yet support disabling individual rules (unfortunately). I have found a slight increase in hacked sites since users have been able to disable modsecurity for themselves, and I advise all of our customers to completely disable the modsecurity domain manager for their users because of this.

Hopefully, this will be added in the future so that users can disable individual rule IDs for their sites without such a major risk. Many of the hacked sites I worked on recently were hacked due to the cPanel user disabling ModSecurity on their own sites.

In the meantime, you are left to modify the userdata includes files as referenced from httpd.conf to remove individual rule IDs on a per-site basis. This is also a feature of ConfigServer Modsec Control. You can insert lines into these files with "SecRuleRemoveByID $RULEID" to disable individual rules for the user/site.
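
An audit that follows from the advice above, as an added example that is not part of the original post: it scans a directory of per-site Apache include files and separates sites where ModSecurity is not blocking at all from sites that only remove individual rule IDs. The directory argument and the output labels are assumptions; the thread does not name the include path, so pass the one your httpd.conf references.

```shell
#!/bin/sh
# Added example: audit per-site Apache include files for ModSecurity overrides.
# Assumption: the directory argument is the userdata include tree referenced
# from httpd.conf (the thread does not give its path).

# Prints one line per finding:
#   NOT_BLOCKING <file>          SecRuleEngine set to Off or DetectionOnly
#   RULES_REMOVED <file> <ids>   only specific rule IDs removed
audit_modsec_includes() {
    dir=$1
    find "$dir" -type f -name '*.conf' | sort | while IFS= read -r f; do
        # Ignore commented-out lines; Apache directive names are
        # case-insensitive, so match with -i.
        active=$(grep -v '^[[:space:]]*#' "$f" || true)

        if printf '%s\n' "$active" |
           grep -Eiq '^[[:space:]]*SecRuleEngine[[:space:]]+(Off|DetectionOnly)'; then
            echo "NOT_BLOCKING $f"
        fi

        # Collect the arguments of every SecRuleRemoveById line on one row.
        ids=$(printf '%s\n' "$active" |
              grep -Ei '^[[:space:]]*SecRuleRemoveById[[:space:]]' |
              sed -E 's/^[[:space:]]*[^[:space:]]+[[:space:]]+//' |
              tr -s '[:space:]' ' ' | sed 's/ $//')
        if [ -n "$ids" ]; then
            echo "RULES_REMOVED $f $ids"
        fi
    done
}

# Run against a directory when one is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_modsec_includes "$1"
fi
```

NOT_BLOCKING lines mark the sites to review first; RULES_REMOVED lines give the per-site rule IDs to check against the application that needed them.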
 

cPanelMichael

Administrator
Staff member
Hello :)

I could not find an existing feature request open for this, so it's likely a good idea to submit a feature request via:

Submit A Feature Request

This will allow users to track the implementation of the feature should our developers decide to implement it.

Thank you.