Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Unable to disable mod_security per domain in user interface

Discussion in 'Security' started by stevenvsi, Apr 11, 2017.

Tags:
  1. stevenvsi

    stevenvsi Member

    Joined:
    Sep 20, 2014
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    It used to be possible BUT its gone somehow.

    I guess it was a cpanel decision and a workaround exist, right?

    What would it be? Also, is there a list of feature changes available?
    I do read the fixes in every updates, but I must have missed that one.

    Regards,
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,769
    Likes Received:
    313
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    There's a very popular addon available called: ConfigServer ModSecurity Control that you should find useful.
     
  3. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,515
    Likes Received:
    33
    Trophy Points:
    308
    cPanel Access Level:
    Root Administrator
    Hello,

    The ability for users to enable or disable ModSecurity for an individual domain is still present in cPanel & WHM version 64. The ability is present in the cPanel interface under ModSecurity.
     
    Infopro likes this.
  4. stevenvsi

    stevenvsi Member

    Joined:
    Sep 20, 2014
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hence the question. It used to be there but as said BUT it is no longer. We run 62.20.
    Was it de activated during an updade? If yes how can we re enable it?

    Regards,
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @stevenvsi,

    Check to ensure "ModSecurity™ Domain Manager" is enabled for the feature list associated with the package assigned to the account:

    "WHM >> Packages >> Feature Manager"

    Thanks!
     
  6. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    986
    Likes Received:
    76
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    I very very strongly urge against allowing users to disable modsecurity for their own domains.

    Fix or whitelist the bad rules, don't just let people shut if off. It's like allowing your end users in the office to turn off their own firewalls or anti-virus.

    By default we diasable this feature in WHM on our servers; if people want to use it we won't stop them, but it's a bad idea all around.

    I'd much rather see a cPanel interface for the user that lets them disable rule IDs for their own domain, rather than just completely disabling their own protection.

    For people with root/WHM access, we recommend configserver modsec control for per-rule, per-domain, or per-directorymatch whitelisting.
     
    Infopro likes this.
  7. stevenvsi

    stevenvsi Member

    Joined:
    Sep 20, 2014
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thank you, that was helpful.

    It was checked. I did look under another package and the feature was there, so this means it is probably a bug.
    I will try switching plan back and forth to see it if helps.

    As for disabling the feature suggestion in the following post, I would get non stop complain from all dev working on a Wordpress site.
    It is true it is less safe BUT at least until the site is ready to deploy, it allows them to build the site. After its the dicipline to remember to re enable modsec that is crucial for security.

    Regards,
     
  8. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    986
    Likes Received:
    76
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    Best of luck. Most likely you would just need to disable a few rule ID's that people run in to, and you wouldn't have to mess with it anymore.

    I have done exclusions that get 'kicked' by default to our servers, if one person runs into a problem with modsec and wordpress, I fix/exclude that rule for all customers. You are right in that if you don't do something, you will get constant complaints.
     
  9. stevenvsi

    stevenvsi Member

    Joined:
    Sep 20, 2014
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    With the new cpanel release (64) I will make sure modsec works as it should and enabled for all.
    Last year we had to disable so may rules that it made sense to allow the disable function.

    I still have to figure out why the logs are filed with permission denied:
    [Tue Apr 11 14:52:25 2017] [error] [client 72.141.187.67] ModSecurity: collection_store: Failed to access DBM file "/var/cpanel/secdatadir/ip": Permission denied [hostname "www.

    Everything I tried last time did not work, I do not have days to dig for that and had hoped newer version of cpanel would fix it but no.
    Having an eye on everything is very challenging and time consuming.

    Regards,
     
  10. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Note the feature is named "ModSecurity" in the cPanel UI when using the Paper Lantern theme. It's located under the "Security" section in the cPanel UI.

    Thank you.
     
Loading...

Share This Page