mod_security2 rules

mikeyman · Feb 1, 2008

On another post I saw that cpaneltodd had recommended that a member use the modsec2 rules listed below. I was wondering if those rules would interfere with cpanel or any of its components? Also if the rules below are loaded, would you disable the default rules that cpanel installs and only use the 2 below? Thanks!

http://www.gotroot.com/downloads/ftp/mod_security/2.0/apache2/rootkits.conf
http://www.gotroot.com/downloads/ftp/mod_security/2.0/apache2/rules.conf

mikeyman · Feb 2, 2008

Also what about:

jitp.conf
recons.conf
useragents.conf
proxy.conf

Will any of these or the ones above break cpanel's functionality?

LinuxStandard · Feb 2, 2008

cPanel should have access via the 127.0.0.1 address and should be allowed via the rule:

SecRule REMOTE_ADDR "^127.0.0.1$" nolog,allow

in the modsec2.conf file included with the ModSec.pm.tar.gz component of easyapache3.

mikeyman · Feb 6, 2008

Is it safe to use these rules without worry about breaking anything in cpanel?

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod_security2 rules

mikeyman Member

mikeyman Member

LinuxStandard Active Member

mikeyman Member

What is different mod_security and mod_security2?

EA4: mod_php (dso) / mod_security2 + mod_ruid2

Editing ModSecurity vendor rules

Let customers view and whitelist mod_security rules?

Backup to Amazon S3 Doesn't Obey Retention Rules

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

mod_security2 rules

mikeyman Member

mikeyman Member

LinuxStandard Active Member

mikeyman Member

What is different mod_security and mod_security2?

EA4: mod_php (dso) / mod_security2 + mod_ruid2

Editing ModSecurity vendor rules

Let customers view and whitelist mod_security rules?

Backup to Amazon S3 Doesn't Obey Retention Rules

Share This Page