Introduction:
Using the Mod Security Custom Rule Set, we can block the bad bots in cPanel/WHM.
In cPanel/WHM, ModSecurity Custom Rules are rules created and configured by server administrators to enhance web application layer security.
ModSecurity is an open-source web application firewall (WAF) that helps protect web applications from various security threats, such as SQL injection, cross-site scripting (XSS), and other malicious activities.
Below are the steps for adding a custom rule to block bad bots in cPanel/WHM at the server level.
Step 1: Log in to WHM.
Step 2: Find and open 'ModSecurity Tools' in the 'Security Center' section.
Step 3: Click on the 'Rule List' button.
Step 4: In the Rules window, click on the Add Rule button.
Step 5: You'll see a page titled 'Add a new custom ModSecurity™ rule'. Copy and paste the code below into the 'Rule Text' box:
SecRule REQUEST_HEADERS:User-Agent "@rx (?:BotNameHere|BotNameHere|BotNameHere)" "msg:'Spiderbot blocked',phase:1,log,id:7777771,t:none,block,status:403"
Step 6: Make sure you include the code from 'SecRule' to '403".
Step 7: Check 'Enable Rule' and 'Deploy and Restart Apache'. This applies the rule and restarts Apache. After that, click on the Save button.
Step 8: After clicking the Save button, the rule will be added and will appear in the Rules list.
Note:
-> Creating ModSecurity Custom Rules requires a good understanding of web application security and the ModSecurity rule syntax.
-> Regularly review and update custom rules to adapt to evolving security threats.
-> Carefully test custom rules to avoid inadvertently blocking legitimate traffic.
In short, ModSecurity Custom Rules empower administrators to tailor security policies, address specific threats, and enhance the overall security posture of their web applications and servers with fine-grained control and flexibility.
Conclusion:
In conclusion, blocking bots on a LiteSpeed web server with cPanel involves accessing LiteSpeed's settings through cPanel, utilizing features such as ModSecurity to implement rules that identify and block unwanted bot traffic.
By carefully configuring bot-blocking measures, web administrators can enhance security and optimize server performance, ensuring a smoother and safer browsing experience for legitimate users.