allanh

Member
May 22, 2003
10
0
151
will Mod_Security 2.0 (latest release from today) have integration with cPanel soon?


I think it will be a lot easier if I can just install and configure Modsecurity 2.0 with click of a button.
 

allanh

Member
May 22, 2003
10
0
151
yeah, I know version 1.9 is available under cPanel.

My question is whether 2.0 will be integrated with cPanel soon? Apparently there are a lot of major improvements with this latest version.
 

carluk

Well-Known Member
Sep 2, 2003
162
0
166
If you want an answer from cpanel, it's best to submit a support ticket.
 

Spiral

BANNED
Jun 24, 2005
2,020
8
193
Just compile mod_security yourself and replace the module installed by cpanel
with the module that you compiled yourself:

(Replace /usr/local/apache/modules/mod_security.so)

Compiling mod_security is rediculously easy and it usually
follows the typical common compile routine:

(download the source and unpack)

./configure
make
make install
 

mickalo

Well-Known Member
Apr 16, 2002
782
5
318
N.W. Iowa
allanh said:
will Mod_Security 2.0 (latest release from today) have integration with cPanel soon?


I think it will be a lot easier if I can just install and configure Modsecurity 2.0 with click of a button.
will this work with Apache 1.3+ or is this just for Apache 2 ??

thx's
Mickalo
 

Spiral

BANNED
Jun 24, 2005
2,020
8
193
mickalo said:
will this work with Apache 1.3+ or is this just for Apache 2 ??

thx's
Mickalo
I just downloaded the source for mod_security 2.0.1 and the only code in the archive is for Apache 2.

Previous versions up through 1.9.4 had both Apache 1.x and Apache 2.x code in the archive.

This means those who want to go to mod_security 2.0.x will probably need to have already
upgraded to Cpanel 11-Edge and Apache 2.x before they can use the new mod_security.

Fortunately, I'm running Apache 2.0.59 myself ;)
 

mickalo

Well-Known Member
Apr 16, 2002
782
5
318
N.W. Iowa
Spiral said:
I just downloaded the source for mod_security 2.0.1 and the only code in the archive is for Apache 2.

Previous versions up through 1.9.4 had both Apache 1.x and Apache 2.x code in the archive.

This means those who want to go to mod_security 2.0.x will probably need to have already
upgraded to Cpanel 11-Edge and Apache 2.x before they can use the new mod_security.

Fortunately, I'm running Apache 2.0.59 myself ;)
Ok, thanks. I found that info on the mod security site also. I guess we'll wait till we get Apache 2 installed.

Thx's
Mickalo
 

Spiral

BANNED
Jun 24, 2005
2,020
8
193
mickalo said:
Ok, thanks. I found that info on the mod security site also. I guess we'll wait till we get Apache 2 installed.

Thx's
Mickalo
It's pretty simple to upgrade to apache 2.0 but depending on your server specifications
I would anticipate anywhere between 15 minutes to an hour of downtime while the
upgrade is actually in progress ... compiling ... debugging .... etc

Aside from being able to use the new mod_security release, Apache 2 also allows you
to run SuPHP which is infinitely better and far more secure than phpSuExec.

Apache 2 also provides handreds of other advantages over Apache 1.x that would
probably be too long a list to list here in detail.
 

mickalo

Well-Known Member
Apr 16, 2002
782
5
318
N.W. Iowa
Spiral said:
It's pretty simple to upgrade to apache 2.0 but depending on your server specifications
I would anticipate anywhere between 15 minutes to an hour of downtime while the
upgrade is actually in progress ... compiling ... debugging .... etc

Aside from being able to use the new mod_security release, Apache 2 also allows you
to run SuPHP which is infinitely better and far more secure than phpSuExec.

Apache 2 also provides handreds of other advantages over Apache 1.x that would
probably be too long a list to list here in detail.
as we only run STABLE releases, I don't believe that Apache 2 is available yet.

We've been using cpanel/whm for about 5yrs now and just have had too many really bad experiences when running anything else other then STABLE releases. Our customers are just too important to take changes :) I guess we'll wait till it becomes available in a STABLE release.

thx's
Mickalo
 

allanh

Member
May 22, 2003
10
0
151
Spiral said:
Just compile mod_security yourself and replace the module installed by cpanel
with the module that you compiled yourself:

(Replace /usr/local/apache/modules/mod_security.so)

Compiling mod_security is rediculously easy and it usually
follows the typical common compile routine:

(download the source and unpack)

./configure
make
make install
I have unpacked mod_security.2.0.1.tar.gz into my root directory. However, there is no "configure' file in that directory...?
 

Spiral

BANNED
Jun 24, 2005
2,020
8
193
allanh said:
I have unpacked mod_security.2.0.1.tar.gz into my root directory. However, there is no "configure' file in that directory...?
We are talking about 2 different versions here ....

The post you quoted was referring to installing an older version of mod security
and the newest version does not have a ./configure for compiling options
or direct APXS support like 1.9.x

To install Mod Security 2.0.1, you MUST be using Apache 2.x on your server!

Go into the "apache2" folder under the location where you extracted the files to
follow the instructions from the "docs" folder in the same mod security archive