The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to alter mod_security?

Discussion in 'Security' started by wemail, Aug 6, 2009.

  1. wemail

    wemail Well-Known Member

    Joined:
    Nov 28, 2006
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    GB
    cPanel Access Level:
    Root Administrator
    I have been asked to amend the mod_security configuration with the following suggested fix:

    #Allow phpmyadmin to work with mod_security setups
    <IfModule mod_security2.c>
    <LocationMatch "/tbl_change.php">
    SecRuleRemoveById 950006
    </LocationMatch>

    <LocationMatch "/sql.php">
    SecRuleRemoveById 950006
    </LocationMatch>
    </IfModule>

    Please can somebody tell me where exactly this has to be saved/inserted? I have not had to do anything quite like this before.

    This fix is apparently to cure a problem whereby non-root users cannot use phpMyAdmin.

    We are using Apache 2.2.11 with PHP 5.2.9 (shortly to be 5.2.10).

    Other config data: cPanel 11.24.5-R37946 - WHM 11.24.2 - X 3.9 CENTOS 5.3 i686 xen

    TIA
     
  2. thewebhosting

    thewebhosting Well-Known Member

    Joined:
    May 9, 2008
    Messages:
    1,201
    Likes Received:
    1
    Trophy Points:
    38
    You will need to add that code on your VHOST configuration file.
     
  3. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    You could add a rule bypass to either the VHOST for the site in your httpd.conf file (/usr/local/apache/conf/httpd.conf) or you could add those lines to a custom .htaccess file in the account root.

    However, this becomes a pain to manage if you are talking about modifying more than a couple of accounts. In that case, you would be better off either rewriting or deleting the rule entirely.

    You can see where your rules are being loaded by looking in the following file:
    Code:
    /usr/local/apache/conf/modsec2.conf
    
    (Take a look at the file named in the "INCLUDE" line at the end of the file)

    Also, whoever gave you those instructions apparently presumes you are using a standard ruleset. Those instructions are useless if you are using an alternate rule set for your ModSecurity such as the popular 3rd party set from GotRoot.Com and others.

    I presume you have your own custom phpMyAdmin installation because the one built into Cpanel and WHM isn't subject to Mod_Security handling in the first place so there wouldn't be anything you need to modify or edit.
     
  4. wemail

    wemail Well-Known Member

    Joined:
    Nov 28, 2006
    Messages:
    51
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    GB
    cPanel Access Level:
    Root Administrator
    Thanks. I was looking where you say, but I am grateful for the confirmation, as I was concerned lest I screw it up!

    I was not aware of having our own custom phpMyAdmin installation, as I didn't set anything up. The Mod_Security setup is whatever comes with Cpanel and WHM and selected in EasyApache - Selected PHP modules section. (It is NOT the deprecated one in the Manage Plugins / Addon Modules screen).

    I don't think anybody has changed anything - I can't see any changes, and don't know that either of the other two "root" people would have done so without telling the others.

    Thanks again

    Arthur
     
Loading...

Share This Page