Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Let customers view and whitelist mod_security rules?

Discussion in 'Security' started by electric, Aug 26, 2017.

  1. electric

    electric Well-Known Member

    Nov 5, 2001
    Likes Received:
    Trophy Points:
    I see that cpanel now offers a ModSecurity feature in the end-user cpanel, so they can enable/disable mod_security on their account.

    Is it possible for the customer to see a list of "hits" that the modsecurity system has had for their website? And is it also possible for the customer to whitelist a rule that is a false-positive?

    We're getting quite a few customers who have problems with mod_security, and we often have to whitelist rules for them, etc.. It would be nice if we could point them to this area of their cpanel and they can see the hits and whitelist specific rules for themselves.

    Otherwise, what we are finding is that some customers simply disable mod_security completely in their cpanel, and that leaves their website vulnerable to everything.. when in fact they only want to whitelist one rule that is having false positive.

    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    cPanelMichael and quizknows like this.
  2. quizknows

    quizknows Well-Known Member

    Oct 20, 2009
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    DataCenter Provider
    My primary complaint when the user manager was launched was the fact that the only feature is to disable entirely.

    It would be nice to see at least users able to just whitelist specific rule IDs even if it's not scoped to location.

    I'd also think for the most part since cP already parses hits into a database, showing users hits for their own domains should be a pretty simple task as well.
    cPanelMichael likes this.
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Apr 11, 2011
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    quizknows likes this.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice