Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Mod_Security - how to configure

Discussion in 'Security' started by postcd, Mar 18, 2012.

  1. postcd

    postcd Well-Known Member

    Joined:
    Oct 22, 2010
    Messages:
    689
    Likes Received:
    14
    Trophy Points:
    68
    I have installed this Mod via Easy Apache. How i should configure it now?
    In the menu there is new entry Mod Security under plugins.
    When i click Edit Config button, the text area field is empty. What should i enter there?

    Im hosting Wordpress, PHPBB, vBulletin, mybb and few other scripts. Im also using ConfigServerSecurity&Firewall.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 postcd, Mar 18, 2012
    Last edited: Mar 18, 2012
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,170
    Likes Received:
    370
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    On this page, click "Default Configuration" link at top to automagically populate this section. Scroll down and click Save Configuration now and you're all set.

    If you find that you need more control over how your new rules work on a per account basis, you might like to know about CMC: ConfigServer ModSecurity Control
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. szk

    szk Member

    Joined:
    May 30, 2012
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Website Owner
    Hello,
    I am not familiar with mod_security, but in "Default Configuration" i can see the settings that I should not use and do not need,
    Question is silly but, If I delete entire rule from Default Configuration and leave only for eg # Blind SQL injection,
    will mod_security only apply that rule, and will it work without all other rules? also if it works that way, if I set "No Configuration" mod_security will be inactive ?
    Sorry for stupid question, but I can try this only on live, so i can not afford mistake
    Thanks
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,170
    Likes Received:
    370
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You need them.

    Yes.

    No, its active if you choose to install it with EasyApache. It can't be of any use without rules though.

    Back that file up for safe keeping. Copy it, paste it into a text file before you touch it. You can't go wrong with backups.

    HTH! :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. szk

    szk Member

    Joined:
    May 30, 2012
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    51
    cPanel Access Level:
    Website Owner
    Thanks for valuable information, works fine, now i have another question, i have 4 accounts on one server but mod_security affects only one, where is catch ? how can i set mod_security to affect all the accounts on server with same settings?
     
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,170
    Likes Received:
    370
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    No way of knowing without knowing whats being affected. In post #2 above, is a link to a tool you would probably have good use for by the sound of it though. :)

    For example, you've got that installed > issue with one account and mod_sec, you see the rule ID in your log, use CMC to disable that one rule, for that one site.

    Mod_Security is as complex as you think it is, or, not too awful bad to understand if you look at it from across the room a bit. The docs and comments are plentiful on the topic.

    Good luck!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. ANKUR KUMAR

    ANKUR KUMAR Active Member

    Joined:
    Oct 28, 2012
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    I was about to ask a question , but seems Infopro have already answered

    Where can i get more set of rules for added security ** Atomicorp provide this , but is there any free source ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. Astral God

    Astral God Well-Known Member

    Joined:
    Sep 27, 2010
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    66
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
    The Atomicorp Delayed Rules are provided for free.
     
  9. ANKUR KUMAR

    ANKUR KUMAR Active Member

    Joined:
    Oct 28, 2012
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi Astral , Thanks for reply...

    Help figure out exact page where they have given those rules ..and the way to implement them . I went to their website ...

    Every where they have concentrated more on paid set of rules and rarely the required is visible .
    Thank you in advance ! :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,170
    Likes Received:
    370
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. icandoit

    icandoit Well-Known Member

    Joined:
    Dec 21, 2010
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    56
    I can't access this site

    Ok I could see it with IE
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #11 icandoit, Nov 29, 2012
    Last edited: Nov 29, 2012
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice