how to install and configure mod security on cPanel?

ModSecurity is a web application firewall. It blocks the incoming web request depends on the added ruleset.  Using ModSecurity, you can protect your web application against attacks like session hijacking, SQL injection, cross-site scripting, etc. In this article, we will install the mod security version 3. It is faster than the previous versions. 

Please refer to the following steps to install ModSecurity 3 in cPanel. We assume you have root access to the server, and also Easyapache4 is installed on it.

  1. Login to your server using SSH.

  2. Run the below command to install the EasyApache4 experimental repository.

    yum install ea4-experimental
  3. Please uninstall the mod security2 if you have already installed it on the server.

    yum remove ea-apache24-mod_security2
  4. Run the below command to install connectors that allows ModSecurity to work with a web server.
  • For Apache

    yum install ea-modsec30-connector-apache24 
  • For Nginx

    yum install ea-modsec30-connector-nginx

WHM Part

  1. Login to your WHM Panel.

  2. Inside the software, click on the EasyApache 4.

  3. Click on the customize button.

  4. Go to the additional packages and ensure the connector is installed. If you are working for apache, ensure that modsec30-connector-apache24 is installed. For Nginx, you require modsec30-connector-nginx.

  5. Click on the Next, review, and provision button to complete the installation.

  6. Now, install the OWASP Core Rule Set using the below command.

    yum install ea-modsec30-rules-owasp-crs

ModSecurity Confiuration

At ModSecurity configuration, you can set up several global settings. It allows configuring the behavior of the audit log, rules engine, and connection engine.

To learn more about these configuration options, please refer to the ModSecurity configuration documentation.

ModSecurity Tools

ModSecurity Tools allows monitoring and configuring the firewall’s rules. You can find all the rules here and also activate/deactivate rules as per the requirement. It also allows adding a new rule. Please refer to SecRules language for more details. 

ModSecurity Vendors

ModSecurity Vendors allows adding and managing various rule sets. You can see the OWASP CRS rule set that we have installed. You can activate or deactivate it from here. You can also edit or exclude the rule set like IP reputation, Wordpress exclusion, etc.

Related Articles

What is cPanel?

cPanel is a Web-based control panel provides by Hosting Providers to their clients to manage...

How to assign a Dedicated IP to cPanel?

In WHM/cPanel, you can’t modify an individual website IP Address but you can change the IP...

How to access file manager in cpanel?

File manager is a tool that will help you to manage your files, folders and directories without...

How to enable cPhulk in WHM?

cPHulk is a powerful extension that protects your server from the brute force attacks. In this...

How to install PrestaShop in cPanel?

PrestaShop is a free and open-source e-commerce content management system (CMS). Please refer to...

  • 0 Users Found This Useful

Was this answer helpful?