
SOLVED Modsecurity CMC whitelist being ignored

Discussion in 'Security' started by jestep, Dec 9, 2016.

  1. jestep

    jestep Well-Known Member

    This is a huge annoyance. Using ConfigServer CMC. The ConfigServer forums are basically dead, so I'm posting here to see if anyone else has had the same problem. Basically, the mod_security CMC whitelist function doesn't work at all because the user-disabled rules are applied in the wrong order.

    I can manually edit modsec/modsec2.cpanel.conf and I can properly disable rules.

    However, when I use the ModSecurity rule ID list, which adds IDs to modsec2.whitelist.conf, which is added in modsec2.user.conf, they are completely ignored. modsec2.cpanel.conf gets written over by the server, so any changes I make directly to that file aren't permanent, so this isn't a viable means to disable rules. I haven't found a way to distill that file to save manual changes. Has anyone run into this problem or know of a better way to save rules that I want to disable?

    Basically, I need to disable:

    The actual problem is very obvious: looking in modsec2.conf, the modsec2.user.conf rules are applied before the modsec2.cpanel.conf rules, so any custom rules are essentially meaningless because the actual rules are applied after the user disables them...

    From modsec2.conf:
    # user.conf must come before cpanel.conf to allow administrators
    # to selectively disable vendor rules
    Include /etc/apache2/conf.d/modsec/modsec2.user.conf
    Include /etc/apache2/conf.d/modsec/modsec2.cpanel.conf

    Any suggestions on how to disable rules without having to re-edit these auto-generated files every time the server writes over them? Maybe I'm missing something, but the order these are applied makes user-disabled rules completely meaningless, am I wrong?
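
Added example, not part of the original posts and not cPanel or ConfigServer code: the ModSecurity 2.x reference manual states that SecRuleRemoveById must be specified after the rule it disables, so this sketch walks an Include chain in read order and reports removals that are read before the rule they target. The whitelist file's directory, the rule ID 900001 and the rule body are constructed for illustration.

```python
import re

INCLUDE = re.compile(r"^\s*Include\s+(\S+)", re.I)
REMOVE = re.compile(r"^\s*SecRuleRemoveById\s+(.+)", re.I)
RULE_ID = re.compile(r"\bid\s*:\s*'?(\d+)")

def flatten(path, files, seen=()):
    """Yield (file, line) in the order the config is read, following Include."""
    if path in seen:                      # guard against include loops
        return
    for line in files.get(path, "").splitlines():
        if line.lstrip().startswith("#"):
            continue
        m = INCLUDE.match(line)
        if m:                             # literal paths only; globs not expanded
            yield from flatten(m.group(1), files, seen + (path,))
        else:
            yield path, line

def ineffective_removals(entry, files):
    """Return (rule_id, removal_file, rule_file) for removals read before the rule."""
    pending, defined, findings = {}, set(), []
    for path, line in flatten(entry, files):
        m = REMOVE.match(line)
        if m:
            for tok in m.group(1).replace('"', " ").split():
                if tok.isdigit() and tok not in defined:   # ID ranges are skipped
                    pending[tok] = path
            continue
        for rid in RULE_ID.findall(line):
            defined.add(rid)
            if rid in pending:
                findings.append((rid, pending.pop(rid), path))
    return findings

# Constructed sample mirroring the include order quoted in the post.
D = "/etc/apache2/conf.d/modsec/"
SAMPLE = {
    "modsec2.conf": f"Include {D}modsec2.user.conf\nInclude {D}modsec2.cpanel.conf\n",
    D + "modsec2.user.conf": f"Include {D}modsec2.whitelist.conf\n",  # assumed location
    D + "modsec2.whitelist.conf": "SecRuleRemoveById 900001\n",
    D + "modsec2.cpanel.conf": 'SecRule ARGS "@contains test" "id:900001,phase:2,deny"\n',
}

if __name__ == "__main__":
    for rid, removed_in, defined_in in ineffective_removals("modsec2.conf", SAMPLE):
        print(f"rule {rid}: removed in {removed_in} before it is loaded from {defined_in}")
```

To run it against a live server, build the `files` mapping by reading the real configuration files from disk instead of using `SAMPLE`.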
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member


    Could you verify which version of cPanel is installed on this system? The following case was included with cPanel version 58.0.26 a while back and might relate to this issue if you are using an older cPanel version:

    Fixed case CPANEL-7914: Fix loading of custom mod_security rules.

    Otherwise, could you open a support ticket using the link in my signature so we can take a closer look? We won't be able to troubleshoot the ConfigServer CMC issue, but we can verify the steps utilized on threads such as are working as expected.

    Thank you.