ModSecurity Tools
If you want to install and manage ModSecurity rules then WHM offers a tool: ModSecurity Tools.
For accessing this tool log in to WHM >> Navigate to “Security Center” >> then click “ModSecurity Tools” option. Following interface will appear:
In this interface there is a button “Rules List” for viewing the Rules list section. In this section, Click “Hits List” tab.
Important:
“ModSecurity Apache Module” is required for this interface. Therefore it is important to install it.
Then EasyApache 4 will load the /etc/apache2/conf.d/modsec/modsec2.cPanel.conf and /etc/apache2/conf.d/modsec/modsec2.user.conf files.
There is a possibility of creation of false positives on your system because the rules in these files may affect the way in which ModSecurity works.
If you see such false positives then locate for custom rules in this file.
Let’s discuss about “Hits List” option:
When you want to view the server’s history of the rule events that time use the “Hits List” section. If you want to edit or disable the ModSecurity rule which granted a hit, select “Rule ID”. In ourcase the Hits list is empty as you can see.
How to Report a Rule:
Perform the following steps, for reporting the issue with a vendor’s rule:
Important:
The ‘Report a rule’ option will not appear if the vendor does not accept the reports.
Enter the following information for the vendor:
Let’s discuss about “Rules List”:
For updating Apache Server with your planned changes click “Deploy and Restart Apache” which is present at the top or bottom of the interface.
Let’s see “Filter rules” option:
There is a “Vendor” button at the right corner of the table, click that button if you want to filter the list of rules. Then select the vendors which you want to show in the “Vendors” menu and then click “Apply”. For deselecting a vendor hold the “Control” key when you select the vendor.
Let’s see how to add a rule:
Perform following steps for adding a rule:
Let’s see how to Edit a rule:
Important:
If you want to remove all of the vendor’s rules from your system, then it is required to use the ModSecurity Vendors interface as you cannot edit any vendor rules.
Let’s see how to copy a rule:
Perform following steps for copying a rule:
Let’s see how to Edit all rules:
For editing all the rules, perform the following steps:
How to Enable or Disable a rule:
Select ‘Enable’ or ‘Disable’ option in the rule’s row, for enabling or disabling a ModSecurity rule.
Let’s see how to ‘Delete’ a Rule:
For deleting a rule, perform following steps:
ModSecurity Database Script:
If you want to manually create the “ModSecurity database” then run the following command:
/usr/local/cpanel/scripts/setup_modsec_db
Visit: Hostripples!
Due to growing digitalization, Email Communication has become the backbone of professional interactions. Yet, surprisingly, many professionals struggle to craft…
As the digital landscape continues to evolve, securing your website has never been more crucial. SSL, or Secure Sockets Layer,…
As a web designer and web developer your experience must have reached to new height, right? Further, you need to…
In today's digital landscape, timing is everything. Whether you're a social media manager, business owner, or content creator, the success…
Are you a website owner? Maintaining the website is the prime concern for any website owner. Yes, it’s equally important…