How to force enable modsecurity for all User

webdsn

Active Member
Mar 4, 2018
35
2
8
Taiwan
cPanel Access Level
Root Administrator
Based on security considerations
I ready to disable the Modsecurity control button from Feature Manager
before this , I need to force all User enable Modsecurity ,
But I can't find this function in WHM
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,255
313
Houston
If you have ModSecurity enabled at WHM>>Security Center>>ModSecurity Vendors and you remove the ability for your users to manage this it should be enabled for all users automatically.
 

webdsn

Active Member
Mar 4, 2018
35
2
8
Taiwan
cPanel Access Level
Root Administrator
If you have ModSecurity enabled at WHM>>Security Center>>ModSecurity Vendors and you remove the ability for your users to manage this it should be enabled for all users automatically.
Thanks for your reply
I want to confirm that remove the ability for your users to manage
is disable WHN >> Feature Manager >> ModSecurity™ Domain Manager
if I do this
than modsecurity will enabled for all users ?
 

sahostking

Well-Known Member
May 15, 2012
367
9
68
Cape Town, South Africa
cPanel Access Level
Root Administrator
Twitter
I'd also like confirmation on this and how to enable it.

I disabled the feature on one server through feature manager so customers cant manage it anymore but I still see it disabled in the httpd.conf file via

<IfModule security2_module>
SecRuleEngine Off
</IfModule>

How do I enable it for all that have it disabled currently still.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,255
313
Houston
I'd also like confirmation on this and how to enable it.

I disabled the feature on one server through feature manager so customers cant manage it anymore but I still see it disabled in the httpd.conf file via

<IfModule security2_module>
SecRuleEngine Off
</IfModule>

How do I enable it for all that have it disabled currently still.

What's that IfModule included in? It's set to off for all domains within the Proxymatch no matter what setting you have (which is unrelated to your per domain setting)

Code:
  <Proxymatch ^https?://127\.0\.0\.1:(2082|2083|2077|2078|2079|2080|2086|2087|2095|2096)/>
       <IfModule security2_module>
          SecRuleEngine Off
       </IfModule>
  </Proxymatch>


The IfModule is only present if it's disabled and I confirmed on my own test account that when ModSecurity is enabled but the domain manager feature is disabled the VirtualHost still reflects no IfModule for modsec2