The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New to mod_security, starter Qs

Discussion in 'Security' started by goldegonaz, Dec 14, 2013.

  1. goldegonaz

    goldegonaz Registered

    Joined:
    Oct 30, 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hello! I just enabled mod_security and deployed the default config. And now I'm... :confused:

    I have a few questions that I couldn't find the answers too. Not sure if this is asking too much, but can't hurt to ask :)

    Does mod security display all blocks/access denied/not acceptable actions in the logs? Or do some actions such as 'Not acceptable' occur without your knowledge or making a record?

    Also how do I block certain strings in a URL. For example I would like to block INSERTIMPMACROHERE - something automatically adds this to the end of URLs, how would I block all request with this in the URL?

    In my htaccess to block a get attack I have the rule below, but it doesn't work globally because I have many htaccess files. So I'd like to add it to mod_security.

    RewriteCond %{THE_REQUEST} \?13(\d+){11}\ [NC]
    RewriteRule .* - [F]

    How would I add that?

    Lastly, how do I block all refers from a certain URL? So if someone/bot comes from baddomain.com, I can stop whatever they want to do/

    That does sound like a lot to ask! So if anyone can just point me in the right direction maybe that would be a great help too!

    Thanks!
     
  2. cPanelPeter

    cPanelPeter Technical Analyst III
    Staff Member

    Joined:
    Sep 23, 2013
    Messages:
    569
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    cPanel/WHM can only support ModSecurity as far as installation is concerned. Since ModSecurity relies on various rules, and their options, we can not support the rules themselves. However, I recommend that you install the following 3rd party add on called ModSecurity Control ConfigServer ModSecurity Control

    Also, I recommend the ModSec rules from Gotroot.com,
    and follow the instructions on cPanel installation for people not using ASL.
     
  3. georgeb

    georgeb Well-Known Member

    Joined:
    May 23, 2010
    Messages:
    48
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Montreal, QC, Canada
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page