Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod_security rules, Atomic and CSF

Discussion in 'Security' started by 11Laurence, May 27, 2013.

  1. 11Laurence

    11Laurence Member

    Joined:
    May 27, 2013
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Re: CENTOS 6.4 x86_64 standard – WHM11.36.1 (build 6)

    This question is adressed tot he community of cpanel because I’m not sure if I can get help outside.

    To increase the level of security ConfigServer Mail scanner, ConfigServerSecurity&Firewall, Mod Security control have been installed.

    I follow this tuto from ukhost4u.co.uk and wrote in config plugin /mod security/WHM:

    I add these two lines from safesrv.net

    Then I pay for .... the paid rules at atomiccorp and receive a username and password.
    I read the wiki and saw for the first time the FAQ :

    Then there is a link to get the rules: updates.atomicorp.com/channels/rules/subscription/
    The browser sends a warning : « security problem »

    (Not sure it is a good start !!! they don'have updated the ssl?)

    I say to the browser it’s an exception and get the following list

    I don’t want to change my config and keep csf.
    These are my questions :
    1) What is the way (code) to get the paid rules and to give to their server my username /password in the plugin „mod security“ (edit config) from whm - see tuto ukhost4u.co.uk
    2) How do we know what is related to what rule (for instance file modsec-201303280927.tar.gz.asc is related to 51_asl_rootkits.conf ?)
    3) Is there a known conflict between cpanel, configserver security or config modsec and arules from atomiccorp.

    Thanks
    Best regards
    Francois

    N.B.: Perhap's it's a language problem and I miss a step?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,323
    Likes Received:
    1,851
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    You will likely get a more detailed response from Atomicorp as it relates to their custom rules. I found the following document on their website that may be helpful:

    Atomicorp Wiki

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. 11Laurence

    11Laurence Member

    Joined:
    May 27, 2013
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello,

    I read these pages. It seems to me they talk about rules installed with ASL (I don’t want this product). I ask here beacause I’m pretty sure other fellows have perfomed this job.

    Thanks
    regards
     
  4. 11Laurence

    11Laurence Member

    Joined:
    May 27, 2013
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    No answer.
    paid rules from atomicoep are no more used? deprecated?
     
  5. robb3369

    robb3369 Well-Known Member

    Joined:
    Mar 1, 2008
    Messages:
    122
    Likes Received:
    0
    Trophy Points:
    66
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. 11Laurence

    11Laurence Member

    Joined:
    May 27, 2013
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello,

    Actually, not.
    I can get asl-lite, but it works (display) not properly and we cannot put username or password

    centOS 6.4 Linux 3.8.13-xxxx-std-ipv6-64 #2 SMP Fri May 17 05:54:07 CEST 2
    Putty

    Other way?

    thanks

    regards
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice