$1 hosting

ModSecurity Vendors

ModSecurity Vendors

For managing your ModSecurity Vendors WHM provides a tool which is ‘ModSecurity Vendors’.

  • Let’s see what is ModSecurity Vendors interface and for what is it used?

ModSecurity Vendor is a module which works similar to a firewall in a web application or website so that it can protect the websites from various types of attacks. These attacks are protected according to the rule set used by that account.

Mostly it looks for incoming requests and after comparing them with the rules described in the rule set it takes the actions on those incoming requests.

You can install as well as manage your ModSecurity vendors using this interface.

First of all, log in to WHM. Navigate to “Security Center”. Click “ModSecurity Vendor” option. Following interface will appear:

Important:

If you want to use this interface, then it is important to install the ModSecurity Apache Module.

You should install the ModSecurity Apache module in order to use ModSecurity Vendor interface. For installing this you can use EasyApache4 interface or YUM.

Note:

EasyApache 4 will load the /etc/apache2/conf.d/modsec/modsec2.cPanel.conf  and /etc/apache2/conf.d/modsec/modsec2.user.conf files.

  • But these file’s rules may still affect the way in which ModSecurity functions, which may result into false positives on your system. Therefore if you see many false positives then check these files custom rules.
  • Let’s add a ModSecurity Vendor:

Perform following steps for adding a ModSecurity Vendor:

  1. Select ‘Add Vendor’ option.
  2. Enter the URL for ModSecurity Vendor in the “Vendor Configuration” text box.
  3. Then click ‘Load’ option. It will automatically load the “Vendor Name”, “Vendor Description”, “Vendor Documentation URL”, “ Vendor Report URL” and “Path” text boxes.
  4. Click ‘Save’ once you confirm that the vendor data is correct.

Important: –

  1. Deselect the ‘Enabled’ check box if you want to add a vendor in a disabled state.
  2. The interface will ask you to enable or disable each of the Vendor’s configuration files, once you add a Vendor. It is important to enable these vendor’s configuration files so that you can use the vendor’s rules.
  3. It is strongly recommended that you should enter a Vendor Configuration URL which should be SSL secured.
  4. Let’s see how to “Manage Vendors”:

You will need to run the following script as a “Root” user from command line for managing the ModSecurity Vendor’s functions:

/usr/local/cpanel/scripts/modsec_vendor

  • Now let’s see how to “Install a ModSecurity Vendor”:

For installing a cPanel-provided “ModSecurity Vendor”, first click “Install” for the specified vendor

And then again select “Install and Restart Apache”.

  • How to enable and disable vendor:
  • Click ‘On’ in the ‘Enabled’ column for that vendor for enabling a vendor.
  • Click ‘Off’ in the ‘Enabled’ column for that vendor for disabling a vendor.
  • How to ‘Enable’ or ‘Disable’ Updates:

Once the ‘Updates’ are ‘Enabled’, the system will retrieve vendor metadata’ new copies from the URL which you have used during the installation process. System then compares the downloaded metadata and automatically fetches and installs new versions of the rule set.

  • For Enabling automatic updates for a vendor, click ‘On’ in the ‘Updates’ column.
  • For Disabling the automatic updates for a vendor, click ‘Off’ in the ‘Updates’ column.
  • How to ‘Edit a Vendor’:

It is required to ‘Edit a Vendor‘, because the ‘ModSecurity Vendor’ rule creates group common rules and sets them into separate configuration files and it is also required for selectively enabling or disabling these configuration files.

  • For ‘Editing a ModSecurity Vendor’ perform the following steps:
  • Once you have selected the vendor for editing, click ‘Edit’ for that vendor
  • For enabling or disabling the configuration file click ‘Enable All’ or click ‘Disable All’ or click ‘Toggle’.
  • Let’s see how to ‘Delete a vendor’:

For deleting a ModSecurity Vendor, select the vendor from the list and then click ‘Delete’ and again click ‘Delete’.

Visit: Hostripples!


Vishwajit Kale
Vishwajit Kale blazed onto the digital marketing scene back in 2015 and is the digital marketing strategist of Hostripples, a company that aims to provide affordable web hosting solutions. Vishwajit is experienced in digital and content marketing along with SEO. He's fond of writing technology blogs, traveling and reading.

Recent Posts

Cyberduck and FileZilla: A Comprehensive Comparison

As a web designer and web developer your experience must have reached to new height, right? Further, you need to…

2 days ago

The Science Behind Social Media Posting Times

In today's digital landscape, timing is everything. Whether you're a social media manager, business owner, or content creator, the success…

1 week ago

Mastering Google Search Console: Tips for New Users

Are you a website owner? Maintaining the website is the prime concern for any website owner. Yes, it’s equally important…

2 weeks ago

A Comprehensive Guide to Changing and Protecting the WordPress Login URL

If you’ve planned to launch a WordPress website, you might get a question, “How do I log in to WordPress?”…

2 weeks ago

The Ultimate Showdown: Linux vs Windows for VPS Hosting

As the demand for virtual private servers (VPS) continues to grow, businesses and individuals are faced with a crucial decision:…

1 month ago