Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

OWASP ModSecurity Core Rule Set V3.0 whm-server-status

Discussion in 'Workarounds and Optimization' started by rpvw, Aug 18, 2017.

Tags:
  1. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    301
    Likes Received:
    88
    Trophy Points:
    28
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    For anyone irritated by the ModSecurity Tools logged Hits every 5 minutes generated by the 'GET /whm-server-status' triggering rule id 920280 .......... this is for you :)

    1) Go to Home » Security Center » ModSecurity™ Tools » Rules List and make sure you don't already have a rule id 1000 (if you do, alter the rule id:1000 in the code below to anything that does not already exist, but is below 920280 - I recommend you try and keep your Custom rules below 900000)

    2) Click on the Add Rule blue button

    3) Paste the following code into the Rule Text Box
    Code:
    #
    # This chained rule looks for the whm-server-status script being called from localhost
    # If both the rules validate, the rule id 920280 is disabled for this transaction
    #
    SecRule REQUEST_URI "whm-server-status" id:1000,phase:1,t:none,pass,nolog,chain
    SecRule REMOTE_ADDR "@ipMatch 127.0.0.1" t:none,nolog,ctl:ruleRemoveById=920280
    
    4) Check the Enable Rule and also the Deploy and Restart Apache boxes.

    5) Click Save

    Done - you should not see any more logged hits for GET /whm-server-status if the call came from localhost.
     
    cPanelMichael likes this.
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,165
    Likes Received:
    1,372
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page