The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

how can I update mod_security?

Discussion in 'cPanel Developers' started by ddaas, Mar 17, 2006.

  1. ddaas

    ddaas Member

    Joined:
    Feb 28, 2006
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Germany
    Hi,
    I'm using cpanel on FC4.
    I tried to add the mod_security rules from www.gotroot.com. Anyway, some rules are not supported (invalid regular expression and other kind of errors). This could be from perl, apache , or mod_security module.
    I found out that I am using Installed Version: 1.8.7-1.00RC2 and 1.9 is already out there.
    My question is: how can I upgrade to 1.9? I could compile it by hand but I don't want to create incompatibilities with cpanel. That’s why I want to use whm to updated mod_security. The check box "install and keep updated" is checked.

    Thanks
     
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    Mod Security and related rules found in the WHM are good enough. you don't need to install another copy of Mod Security by hand, if you've enabled it in the WHM.
     
  3. ddaas

    ddaas Member

    Joined:
    Feb 28, 2006
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Germany
    I don't think they are enough because there are zero-day vulnerabilities, new sql injections in different applications and so on with could be stopped using mod_security.
    For example good rules are at www.gotroot.com
     
  4. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    667
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
    The version off the mod_security site is fully compatible with Cpanel if you compile it manually. You can add whatever rules you want afterwards to it. Very easy to install.
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I'd agree, building it by hand is as simple as following the instructions in the tarball and I'd also agree that the minimal WHM configuration is quite poor and you should do some investigation on these boards for a much better and relevant set of filters.
     
  6. dave9000

    dave9000 Well-Known Member

    Joined:
    Apr 7, 2003
    Messages:
    891
    Likes Received:
    1
    Trophy Points:
    16
    Location:
    arkansas
    cPanel Access Level:
    Root Administrator
    one thing you have to pay attention to is when you start adding a big ruleset like the ones at gotroot.com is that you do not break legit programs and scripts that your customers are running.

    We usually pick and choose rule sets based on the scripts,applications we have running. The default cpanel ruleset is a bit weak but the complete ruleset at gotroot.com is a bit too complex for most servers needs.
     
Loading...

Share This Page