mod_security2 rules

mikeyman · Feb 1, 2008

On another post I saw that cpaneltodd had recommended that a member use the modsec2 rules listed below. I was wondering if those rules would interfere with cpanel or any of its components? Also if the rules below are loaded, would you disable the default rules that cpanel installs and only use the 2 below? Thanks!

http://www.gotroot.com/downloads/ftp/mod_security/2.0/apache2/rootkits.conf
http://www.gotroot.com/downloads/ftp/mod_security/2.0/apache2/rules.conf

mikeyman · Feb 2, 2008

Also what about:

jitp.conf
recons.conf
useragents.conf
proxy.conf

Will any of these or the ones above break cpanel's functionality?

LinuxStandard · Feb 2, 2008

cPanel should have access via the 127.0.0.1 address and should be allowed via the rule:

SecRule REMOTE_ADDR "^127.0.0.1$" nolog,allow

in the modsec2.conf file included with the ModSec.pm.tar.gz component of easyapache3.

mikeyman · Feb 6, 2008

Is it safe to use these rules without worry about breaking anything in cpanel?

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod_security2 rules

mikeyman Member

mikeyman Member

LinuxStandard Active Member

mikeyman Member

What is different mod_security and mod_security2?

Discarding spam messages (Exim rules)

Disabling several mod_security rules due to 403 response to POST request?

Update hangs due to 3rd Party ModSec Rules

SOLVED [EA-7980] Rewrite rules broken after latest EA4 update

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod_security2 rules

mikeyman Member

mikeyman Member

LinuxStandard Active Member

mikeyman Member

What is different mod_security and mod_security2?

Discarding spam messages (Exim rules)

Disabling several mod_security rules due to 403 response to POST request?

Update hangs due to 3rd Party ModSec Rules

SOLVED [EA-7980] Rewrite rules broken after latest EA4 update

Share This Page