The Community Forums

Interact with an entire community of cPanel & WHM users!

Enable gui for user to override modsec rules?

Discussion in 'Security' started by jjozwik, Sep 1, 2015.

  1. jjozwik

    jjozwik Registered

    cPanel Access Level:
    Root Administrator
    Is there a GUI or method already for end users to override or append a modsec rule for just their account? I can see they can turn off modsec for domains, but I was looking for a place to override specific rules required for applications.
     
  2. hostCAPO

    hostCAPO Member

    Location:
    Birmingham, AL
    cPanel Access Level:
    Root Administrator
  3. quizknows

    quizknows Well-Known Member

    cPanel Access Level:
    DataCenter Provider
    Jeremy,

    jjozwik referenced that in his first post. Yes, there is a way for users to disable modsec entirely, but the domain manager does not yet support disabling individual rules (unfortunately). I have found a slight increase in hacked sites since users have been able to disable modsecurity for themselves, and I advise all of our customers to completely disable the modsecurity domain manager for their users because of this.

    Hopefully, this will be added in the future so that users can disable individual rule IDs for their sites without such a major risk. Many of the hacked sites I worked on recently were hacked due to the cPanel user disabling ModSecurity on their own sites.

    In the meantime, you are left to modify the userdata include files as referenced from httpd.conf to remove individual rule IDs on a per-site basis. This is also a feature of ConfigServer Modsec Control. You can insert lines into these files with "SecRuleRemoveByID $RULEID" to disable individual rules for the user/site.
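
The per-site override described in the post above, as an added example that is not part of the thread and not cPanel's or ConfigServer's own tooling: it renders an include that removes only the listed rule IDs, leaving the rest of the rule set active for the site. The function names, the include directory and file name passed in, and the rule IDs in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: build a per-site ModSecurity exception include.
# Apache directive names are case-insensitive, so SecRuleRemoveById below
# is the same directive as the SecRuleRemoveByID spelling in the post.

# Print the include body for the given rule IDs.
# Returns 2 if no IDs are given, 1 if any ID is not a plain integer.
render_rule_removals() {
    [ "$#" -gt 0 ] || { echo "no rule IDs given" >&2; return 2; }
    # Validate everything first so nothing is printed on bad input and no
    # stray directive can be smuggled into the Apache configuration.
    for _id in "$@"; do
        case "$_id" in
            ''|*[!0-9]*) echo "invalid rule ID: $_id" >&2; return 1 ;;
        esac
    done
    _seen=" "
    echo '<IfModule security2_module>'
    for _id in "$@"; do
        case "$_seen" in *" $_id "*) continue ;; esac   # skip duplicates
        _seen="$_seen$_id "
        echo "    SecRuleRemoveById $_id"
    done
    echo '</IfModule>'
}

# Write the include as DIR/FILE, where DIR is assumed to be the site's
# userdata include directory referenced from httpd.conf (path not given
# in the thread). The file is replaced atomically via rename.
write_rule_removals() {
    _dir=$1; _file=$2
    shift 2
    [ -d "$_dir" ] || { echo "not a directory: $_dir" >&2; return 1; }
    _body=$(render_rule_removals "$@") || return 1
    _tmp=$(mktemp "$_dir/.modsec.XXXXXX") || return 1
    printf '%s\n' "$_body" > "$_tmp" && chmod 0644 "$_tmp" &&
        mv -f "$_tmp" "$_dir/$_file"
}

# Usage (constructed values):
#   write_rule_removals /path/to/site/include/dir modsec_exceptions.conf 1000001 1000002
```

Apache has to re-read its configuration before the new include takes effect.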
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    cPanel Access Level:
    Root Administrator
    Hello :)

    I could not find an existing feature request open for this, so it's likely a good idea to submit a feature request via:

    Submit A Feature Request

    This will allow users to track the implementation of the feature should our developers decide to implement it.

    Thank you.
     