Celebrate Our 22nd Anniversary with Huge Savings! Up to 70% Off

  Categories

Affiliate Questions
40
Billing & Accounts
48
Client Area Tutorials
37
Cloud Hosting
27
Control Panels
776
Database Server
116
Dedicated Servers
15
Form Downloads
5
Mail Servers Tutorials
223
Miscellaneous Articles
240
Pre-Sales Questions
613
Video Tutorials
1
VPS Hosting
697
Web Hosting
187
Web Services
112
Website Migration
9
WordPress Hosting
229

  Categories

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket

how to install and configure mod security on cPanel?

Print

ModSecurity is a web application firewall. It blocks the incoming web request depends on the added ruleset.  Using ModSecurity, you can protect your web application against attacks like session hijacking, SQL injection, cross-site scripting, etc. In this article, we will install the mod security version 3. It is faster than the previous versions. 

Please refer to the following steps to install ModSecurity 3 in cPanel. We assume you have root access to the server, and also Easyapache4 is installed on it.

  1. Login to your server using SSH.

  2. Run the below command to install the EasyApache4 experimental repository.

    yum install ea4-experimental
  3. Please uninstall the mod security2 if you have already installed it on the server.

    yum remove ea-apache24-mod_security2
  4. Run the below command to install connectors that allows ModSecurity to work with a web server.
  • For Apache 

    yum install ea-modsec30-connector-apache24
  • For Nginx

    yum install ea-modsec30-connector-nginx

WHM Part

  1. Login to your WHM Panel.

  2. Inside the software, click on the EasyApache 4.

    Get Linux VPS
  3. Click on the customize button.

  4. Go to the additional packages and ensure the connector is installed. If you are working for apache, ensure that modsec30-connector-apache24 is installed. For Nginx, you require modsec30-connector-nginx.

  5. Click on the Next, review, and provision button to complete the installation.

    Get Linux VPS
  6. Now, install the OWASP Core Rule Set using the below command.

    yum install ea-modsec30-rules-owasp-crs

ModSecurity Confiuration

At ModSecurity configuration, you can set up several global settings. It allows configuring the behavior of the audit log, rules engine, and connection engine.

To learn more about these configuration options, please refer to the ModSecurity configuration documentation.

ModSecurity Tools

ModSecurity Tools allows monitoring and configuring the firewall’s rules. You can find all the rules here and also activate/deactivate rules as per the requirement. It also allows adding a new rule. Please refer to SecRules language for more details. 

ModSecurity Vendors

ModSecurity Vendors allows adding and managing various rule sets. You can see the OWASP CRS rule set that we have installed. You can activate or deactivate it from here. You can also edit or exclude the rule set like IP reputation, Wordpress exclusion, etc.

Get Linux VPS

Was this answer helpful?

Related Articles

How to reset FTP user password in cPanel? You can change the FTP password from cPanel using the following steps: Login to cPanel. Go to... How do I suspend/unsuspend a cPanel account via root SSH? Suspending an account means the associated website is no longer visible online. Instead, visitors... How to enable cPanel password reset in WHM? The WHM control panel allows individual users to reset their cPanel password without logged into... How to download MySQL database backup from cPanel? You can download the compressed MySQL database backup from cPanel. You will need to perform the... How to Move Accounts From One cPanel Server To Another cPanel server? cPanel facilitates you with the built-in Transfer Tools, allowing you to migrate your existing...
« Back

Copyright © 2003-2025 AccuWebHosting.com USA | Designed By: AccuWebTech.Com

Get Support!

We are here to help!

Sales Department Technical Department Affiliate Group