Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod_sec with httpd-guardian

Discussion in 'Security' started by jeffschips, Mar 29, 2018.

Tags:
  1. jeffschips

    jeffschips Active Member

    Joined:
    Jun 5, 2016
    Messages:
    29
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    new york
    cPanel Access Level:
    Root Administrator
    Anybody have experience getting mod_sec to play nicely with http-guardian? There is a box in mod_sec configuration in which a user enters their path to http-guarding, which I've done. However, the instructions in the package are a bit confusing. It says you need to activate or install something called "spread" which is the transport for the data from the install to the perl modules for processing.

    I don't want to fiddle with my Centos 6.9 whm/cpanel server without knowing more about installing this.

    Any help much appreciated.
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    I've not seen any reports from cPanel & WHM administrators regarding the use of this feature. I've moved this thread to our Security forum so that others that may have utilized this feature can offer their insight.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. jeffschips

    jeffschips Active Member

    Joined:
    Jun 5, 2016
    Messages:
    29
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    new york
    cPanel Access Level:
    Root Administrator
    Thanks where is the link to that forum? The very annoying thing is CPanel/WHM support say seek out advise from mod_sec forums and advisors, and the mod_sec people say seek out advise from CPanel/WHM. And of cousre the most annoying thing is that the developer of the scripts who advises people to contact him with his email embedded in the scripts, does not respond to queries. So there you have it - tech in the 21st. century.
     
  4. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @jeffschips,

    I'm referring to the Security category of the cPanel Forums. I moved this thread here to increase the chance that you will receive user-feedback, as typically issues and questions relating to Mod_Security are posted here.

    The main difficulty you are going to encounter when attempting to setup Guardian Logging on your own is that it doesn't appear to be used by very many people. It's noted under the SecGuardianLog section at:

    SpiderLabs/ModSecurity

    However, I couldn't find any instances where someone reported using it. Could you provide some background information on the purpose you'd like to use it for? We might be able to offer some alternatives.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. jeffschips

    jeffschips Active Member

    Joined:
    Jun 5, 2016
    Messages:
    29
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    new york
    cPanel Access Level:
    Root Administrator
    Sure, appreciate the offer. I kind of liked the apache-tools set of tools for blocking on the firewall level, bots and such. Particularly HTTP-authenticaion failures of which I receive many. The httpd-guardian was attractive but I'm not wedded to it.

    Does mod_sec have a method to ban - on the firewall level - these types of incursions?

    Not deny, but block on the firewall.
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    You could use CSF/LFD. See this post:

    CSF and Mod Security

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice