For anyone irritated by the ModSecurity Tools logged Hits every 5 minutes generated by the 'GET /whm-server-status' triggering rule id 920280 .......... this is for you 
1) Go to Home » Security Center » ModSecurity™ Tools » Rules List and make sure you don't already have a rule id 1000 (if you do, alter the rule id:1000 in the code below to anything that does not already exist, but is below 920280 - I recommend you try and keep your Custom rules below 900000)
2) Click on the Add Rule blue button
3) Paste the following code into the Rule Text Box
4) Check the Enable Rule and also the Deploy and Restart Apache boxes.
5) Click Save
Done - you should not see any more logged hits for GET /whm-server-status if the call came from localhost.
1) Go to Home » Security Center » ModSecurity™ Tools » Rules List and make sure you don't already have a rule id 1000 (if you do, alter the rule id:1000 in the code below to anything that does not already exist, but is below 920280 - I recommend you try and keep your Custom rules below 900000)
2) Click on the Add Rule blue button
3) Paste the following code into the Rule Text Box
Code:
#
# This chained rule looks for the whm-server-status script being called from localhost
# If both the rules validate, the rule id 920280 is disabled for this transaction
#
SecRule REQUEST_URI "whm-server-status" id:1000,phase:1,t:none,pass,nolog,chain
SecRule REMOTE_ADDR "@ipMatch 127.0.0.1" t:none,nolog,ctl:ruleRemoveById=9202805) Click Save
Done - you should not see any more logged hits for GET /whm-server-status if the call came from localhost.
