Migrate from Atomicorp Rules (AUM) to OWASP

[jcwacky]

I have a CloudLinux 6.6 server running cPanel 11.50.1, it has ModSecurity installed along with the Atomicorp Rules and ConfigServer ModSecurity Control (CMC).

It was setup this way before ModSecurity became a feature of cPanel. I'm now interested in moving over to the default cPanel ModSecurity setup using the OWASP rules.

What do I need to do in order to achieve this?
How can I cleanly remove Atomicorp rules, setup the OWASP rules, and enable ModSecurity via cPanel?
Will ConfigServer ModSecurity Control (CMC) still work?

This is how the Atomicorp rules were orignally installed:

wget -q -O - https://www.atomicorp.com/installers/aum |sh
aum -u

 

[quizknows]

I would very strongly advise against ditching the atomicorp rules in favor of OWASP. The atomic rules are much more effective and have WAY less false positives.

 

[jcwacky]

Ah, I see. Even though I'm using the free Atomicorp rules from a year ago?

 

[quizknows]

Honestly... yeah. The OWASP rules are pretty much just anomaly based. I'd take a year or two out-dated atomic rules over them any day.

 

[jcwacky]

Thanks, I'll stick with Atomicorp for the time being then.

Presume there's no easy way to start using the cPanel ModSecurity Hits List with my current Atomicorp setup?

 

[cPanelMichael]

There's some additional information you may find helpful if you are asking about Atomicorp as an official vendor:

https://forums.cpanel.net/threads/modsecurity-rules-vendors.470811/

Thank you.