The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Mod_sec Rules

Discussion in 'Security' started by kjlord, Jul 23, 2013.

  1. kjlord

    kjlord Member

    Joined:
    Feb 8, 2011
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    51
    Hello,

    Please give me mod_sec rules details i.e like how to create our own global rules to disable/restricting few files and folders access.
    If there is any other way to do this, suppose we need to disable folder like, hacked./ or any word start/ends with hacked should be disabled or it shall not be access via http.


    Regard
     
    #1 kjlord, Jul 23, 2013
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,398
    Likes Received:
    52
    Trophy Points:
    28
    Location:
    India
    cPanel Access Level:
    Root Administrator
    #2 24x7server, Jul 23, 2013
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,995
    Likes Received:
    1,275
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    You can browse to the following option if you are seeking a visual interface to add/modify rules:

    "WHM Main >> Plugins >> Mod Security"

    Thank you.
     
    #3 cPanelMichael, Jul 24, 2013
  4. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    982
    Likes Received:
    75
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    If you want to make your own rules, I recommend the reference manual:

    https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual

    Something like this would deny web access to anything with the word 'hacked' after the domain name. This is an overly broad rule and I don't recommend its use, only as an example:

    SecRule REQUEST_URI "hacked" "t:lowercase,id:12345"
     
    #4 quizknows, Jul 24, 2013
  5. kjlord

    kjlord Member

    Joined:
    Feb 8, 2011
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    51
    Hello,

    Thanks.. :)
     
    #5 kjlord, Jul 24, 2013
(You must log in or sign up to post here.)
Loading...
Similar Threads - Mod_sec Rules
  1. caisc

    Mod_security rules to prevent spam registrations and comments on wordpress sites

    caisc, Feb 7, 2017, in forum: Security
    Replies:
    12
    Views:
    611
    caisc
    Feb 10, 2017
  2. rs-freddo

    New Mod_Security Ruleset after EA4 upgrade

    rs-freddo, Dec 25, 2016, in forum: EasyApache
    Replies:
    1
    Views:
    324
    cPanelMichael
    Jan 5, 2017
  3. Bdzzld

    Older mod_security ruleset still active

    Bdzzld, May 3, 2016, in forum: Security
    Replies:
    3
    Views:
    440
    Bdzzld
    May 5, 2016
  4. Sametto Chan

    What is different mod_security and mod_security2?

    Sametto Chan, Aug 8, 2017, in forum: EasyApache
    Replies:
    3
    Views:
    69
    Sametto Chan
    Aug 8, 2017
  5. Jasleen

    Mod_Security with CRS

    Jasleen, May 30, 2017, in forum: Security
    Replies:
    9
    Views:
    195
    fuzzylogic
    May 31, 2017

Share This Page