Mod_Security - how to configure

postcd

Well-Known Member
Oct 22, 2010
717
19
68
I have installed this Mod via Easy Apache. How i should configure it now?
In the menu there is new entry Mod Security under plugins.
When i click Edit Config button, the text area field is empty. What should i enter there?

Im hosting Wordpress, PHPBB, vBulletin, mybb and few other scripts. Im also using ConfigServerSecurity&Firewall.
 
Last edited:

Infopro

Well-Known Member
May 20, 2003
17,113
511
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
When i click Edit Config button, the text area field is empty. What should i enter there?
On this page, click "Default Configuration" link at top to automagically populate this section. Scroll down and click Save Configuration now and you're all set.

If you find that you need more control over how your new rules work on a per account basis, you might like to know about CMC: ConfigServer ModSecurity Control
 

szk

Member
May 30, 2012
8
0
51
cPanel Access Level
Website Owner
Hello,
I am not familiar with mod_security, but in "Default Configuration" i can see the settings that I should not use and do not need,
Question is silly but, If I delete entire rule from Default Configuration and leave only for eg # Blind SQL injection,
will mod_security only apply that rule, and will it work without all other rules? also if it works that way, if I set "No Configuration" mod_security will be inactive ?
Sorry for stupid question, but I can try this only on live, so i can not afford mistake
Thanks
 

Infopro

Well-Known Member
May 20, 2003
17,113
511
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
i can see the settings that I should not use and do not need,
You need them.

will mod_security only apply that rule, and will it work without all other rules?
Yes.

if I set "No Configuration" mod_security will be inactive ?
No, its active if you choose to install it with EasyApache. It can't be of any use without rules though.

but I can try this only on live, so i can not afford mistake
Back that file up for safe keeping. Copy it, paste it into a text file before you touch it. You can't go wrong with backups.

HTH! :)
 

szk

Member
May 30, 2012
8
0
51
cPanel Access Level
Website Owner
Thanks for valuable information, works fine, now i have another question, i have 4 accounts on one server but mod_security affects only one, where is catch ? how can i set mod_security to affect all the accounts on server with same settings?
 

Infopro

Well-Known Member
May 20, 2003
17,113
511
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
No way of knowing without knowing whats being affected. In post #2 above, is a link to a tool you would probably have good use for by the sound of it though. :)

For example, you've got that installed > issue with one account and mod_sec, you see the rule ID in your log, use CMC to disable that one rule, for that one site.

Mod_Security is as complex as you think it is, or, not too awful bad to understand if you look at it from across the room a bit. The docs and comments are plentiful on the topic.

Good luck!
 

ANKUR KUMAR

Active Member
Oct 28, 2012
26
0
1
India
cPanel Access Level
Root Administrator
Hi Astral , Thanks for reply...

Help figure out exact page where they have given those rules ..and the way to implement them . I went to their website ...

Every where they have concentrated more on paid set of rules and rarely the required is visible .
Thank you in advance ! :)
 

icandoit

Well-Known Member
Dec 21, 2010
79
1
58
I can't access this site

Ok I could see it with IE
 
Last edited: