cPanel Support

ModSecurity Tools

ModSecurity ToolsModSecurity Tools

ModSecurity Tools

If you want to install and manage ModSecurity rules then WHM offers a tool: ModSecurity Tools.

For accessing this tool log in to WHM >> Navigate to “Security Center” >> then click “ModSecurity Tools” option. Following interface will appear:

ModSecurity Tools, Hostripples Web HostingModSecurity Tools, Hostripples Web Hosting

In this interface there is a button “Rules List” for viewing the Rules list section. In this section, Click “Hits List” tab.

ModSecurity Tools, Hostripples Web HostingModSecurity Tools, Hostripples Web Hosting

Important:

“ModSecurity Apache Module” is required for this interface. Therefore it is important to install it.

Then EasyApache 4 will load the /etc/apache2/conf.d/modsec/modsec2.cPanel.conf and /etc/apache2/conf.d/modsec/modsec2.user.conf files.

There is a possibility of creation of false positives on your system because the rules in these files may affect the way in which ModSecurity works.

If you see such false positives then locate for custom rules in this file.

Let’s discuss about “Hits List” option:

When you want to view the server’s history of the rule events that time use the “Hits List” section. If you want to edit or disable the ModSecurity rule which granted a hit, select “Rule ID”.  In ourcase the Hits list is empty as you can see.

ModSecurity Tools, Hostripples Web HostingModSecurity Tools, Hostripples Web Hosting

How to Report a Rule:

Perform the following steps, for reporting the issue with a vendor’s rule:

  1. First select the hit that has been generated by a rule in the Hits List and click “More”.
  2. Click “Report this hit”.

Important:

The ‘Report a rule’ option will not appear if the vendor does not accept the reports.

Enter the following information for the vendor:

  • Your email address, the reason for the report and any additional comments for the vendor.
  • Click “Review Report”.
  • Click “Submit” once you verify the information in your report.

Let’s discuss about “Rules List”:

For updating Apache Server with your planned changes click “Deploy and Restart Apache” which is present at the top or bottom of the interface.

Let’s see “Filter rules” option:

There is a “Vendor” button at the right corner of the table, click that button if you want to filter the list of rules. Then select the vendors which you want to show in the “Vendors” menu and then click “Apply”. For deselecting a vendor hold the “Control” key when you select the vendor.

Let’s see how to add a rule:

Perform following steps for adding a rule:

  1. A new interface will appear when select the “Add Rule” option.
  2. In the “Rule Text” Text box, enter the rule.
  3. Select “Enable Rule” checkbox, if you want to enable the rule at the time of deploying a configuration.
  4. Restart Apache immediately, when you want to deploy a rule then select the “Deploy and Restart Apache” checkbox.
  5. Click ‘Save’.

Let’s see how to Edit a rule:

  1. Select the “Edit” option for the rule which you want to update.
  2. Make the desired modifications in the “Rule Text” text box.
  3. Click “Save”.

Important:

If you want to remove all of the vendor’s rules from your system, then it is required to use the ModSecurity Vendors interface as you cannot edit any vendor rules.

Let’s see how to copy a rule:

Perform following steps for copying a rule: 

  1. Select the rule which you wish to update and click ‘Copy’.
  2. Make desired changes in the “Rule Text” text box.
  3. Click ‘Save’.

Let’s see how to Edit all rules:

For editing all the rules, perform the following steps:

  1. Select “Edit Rules” option.
  2. Make the desired changes in the”Rules” text box.
  3. Click ‘Save’.

How to Enable or Disable a rule:

Select ‘Enable’ or ‘Disable’ option in the rule’s row, for enabling or disabling a ModSecurity rule.

Let’s see how to ‘Delete’ a Rule:

For deleting a rule, perform following steps:

  1. Click ‘Delete’ for the rule which you desire to delete.
  2. Click ‘Delete’ for confirming your action.

ModSecurity Database Script:

If you want to manually create the “ModSecurity database” then run the following command:

/usr/local/cpanel/scripts/setup_modsec_db

Visit: Hostripples!

Vishwajit Kale
Vishwajit Kale blazed onto the digital marketing scene back in 2015 and is the digital marketing strategist of Hostripples, a company that aims to provide affordable web hosting solutions. Vishwajit is experienced in digital and content marketing along with SEO. He's fond of writing technology blogs, traveling and reading.
View all posts
Tags: cpanel modsecurity whitelist iphow to add mod_security rules cpanelmodsec phasesmodsecurity reverse proxymodsecurity rule id listmodsecurity ruleenginemodsecurity™ vendorsnamecheap mod security
6 years ago
Leave a Comment

Recent Posts

Discover the SEO Trends That Will Define 2025

Hold onto your keyboards, fellow digital enthusiasts! The future of SEO is racing towards us faster than a Google algorithm…

3 days ago

The Ultimate Beginner’s Playbook for Instagram Marketing

What Is Instagram Marketing? Instagram Marketing includes using the platform to advertise your business or personal brand to increase visibility,…

1 week ago

The Ultimate Guide to DIY Website Builders for Entrepreneurs

Ah, the joys of building a website! Picture this: You're sitting there in your pajamas, coffee in hand, ready to…

3 weeks ago

Don’t Ignore These 11 Signs You Need a Hosting Upgrade

Are you feeling like your website is running in slow motion? It can be frustrating when your online presence doesn't…

4 weeks ago

PrestaShop vs OpenCart: Which Is Right for Your Business?

Are you ready to take your online store to the next level? Whether you're running a PrestaShop or OpenCart platform,…

1 month ago

Resources