The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Mod_Security - how to configure

Discussion in 'Security' started by postcd, Mar 18, 2012.

  1. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    624
    Likes Received:
    6
    Trophy Points:
    18
    I have installed this Mod via Easy Apache. How i should configure it now?
    In the menu there is new entry Mod Security under plugins.
    When i click Edit Config button, the text area field is empty. What should i enter there?

    Im hosting Wordpress, PHPBB, vBulletin, mybb and few other scripts. Im also using ConfigServerSecurity&Firewall.
     
    #1 postcd, Mar 18, 2012
    Last edited: Mar 18, 2012
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    On this page, click "Default Configuration" link at top to automagically populate this section. Scroll down and click Save Configuration now and you're all set.

    If you find that you need more control over how your new rules work on a per account basis, you might like to know about CMC: ConfigServer ModSecurity Control
     
  3. szk

    szk Member

    Joined:
    May 30, 2012
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hello,
    I am not familiar with mod_security, but in "Default Configuration" i can see the settings that I should not use and do not need,
    Question is silly but, If I delete entire rule from Default Configuration and leave only for eg # Blind SQL injection,
    will mod_security only apply that rule, and will it work without all other rules? also if it works that way, if I set "No Configuration" mod_security will be inactive ?
    Sorry for stupid question, but I can try this only on live, so i can not afford mistake
    Thanks
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You need them.

    Yes.

    No, its active if you choose to install it with EasyApache. It can't be of any use without rules though.

    Back that file up for safe keeping. Copy it, paste it into a text file before you touch it. You can't go wrong with backups.

    HTH! :)
     
  5. szk

    szk Member

    Joined:
    May 30, 2012
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Thanks for valuable information, works fine, now i have another question, i have 4 accounts on one server but mod_security affects only one, where is catch ? how can i set mod_security to affect all the accounts on server with same settings?
     
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    No way of knowing without knowing whats being affected. In post #2 above, is a link to a tool you would probably have good use for by the sound of it though. :)

    For example, you've got that installed > issue with one account and mod_sec, you see the rule ID in your log, use CMC to disable that one rule, for that one site.

    Mod_Security is as complex as you think it is, or, not too awful bad to understand if you look at it from across the room a bit. The docs and comments are plentiful on the topic.

    Good luck!
     
  7. ANKUR KUMAR

    ANKUR KUMAR Active Member

    Joined:
    Oct 28, 2012
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I was about to ask a question , but seems Infopro have already answered

    Where can i get more set of rules for added security ** Atomicorp provide this , but is there any free source ?
     
  8. Astral God

    Astral God Well-Known Member

    Joined:
    Sep 27, 2010
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
    The Atomicorp Delayed Rules are provided for free.
     
  9. ANKUR KUMAR

    ANKUR KUMAR Active Member

    Joined:
    Oct 28, 2012
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi Astral , Thanks for reply...

    Help figure out exact page where they have given those rules ..and the way to implement them . I went to their website ...

    Every where they have concentrated more on paid set of rules and rarely the required is visible .
    Thank you in advance ! :)
     
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,482
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  11. icandoit

    icandoit Well-Known Member

    Joined:
    Dec 21, 2010
    Messages:
    70
    Likes Received:
    0
    Trophy Points:
    6
    I can't access this site

    Ok I could see it with IE
     
    #11 icandoit, Nov 29, 2012
    Last edited: Nov 29, 2012
Loading...

Share This Page