cPanel and mod_security

cPanel allows for adding some Apache and PHP modules using the web interface (and a script they call easyapache). This can be found under Software > Apache Update.
After installing mod_security, the main configuration file is found at /etc/httpd/conf/modsec2.conf, which includes a blank file, /etc/httpd/conf/modsec2.user.conf.
I downloaded the mod_security ruleset with:

wget http://403security.org/files/modsec_rules.txt

and copied it into the user file:

cp modsec_rules.txt /etc/httpd/conf/modsec2.user.conf


Some of the rules in the user file are already declared in the modsec2.conf file, so I was slightly concerned about that, but Apache restarted fine and I discovered that the rules from the include file (which came second in order) override the rules in modsec2.conf.
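
One way to check this before restarting Apache, as an added example that is not part of the original post: the script lists the settings declared in both files, then installs the ruleset with a backup and restores it if apachectl configtest fails. The function names and the APACHECTL override variable are assumptions made for the example.

```shell
#!/bin/sh
# Added example (constructed helper, not from the original post).
# APACHECTL is an assumption: point it at your apachectl binary if needed.
APACHECTL="${APACHECTL:-apachectl}"

# List the Sec* setting directives that appear in BOTH files, i.e. the ones
# whose effective value depends on include order. SecRule, SecAction and
# SecMarker are skipped because each occurrence adds a rule instead of
# setting a value. Commented-out lines never match because $1 starts with "#".
overlapping_settings() {
    awk '$1 ~ /^Sec/ && $1 !~ /^Sec(Rule|Action|Marker)$/ {
             if (FILENAME == ARGV[1]) base[$1] = 1
             else if ($1 in base)     both[$1] = 1
         }
         END { for (d in both) print d }' "$1" "$2" | sort
}

# Copy the staged ruleset over the user include, keeping a backup, and put
# the backup back if Apache rejects the resulting configuration.
install_rules() {
    staged=$1 target=$2
    [ -s "$staged" ] || { echo "staged rules missing or empty" >&2; return 1; }
    cp -p "$target" "$target.bak" || return 1
    cp "$staged" "$target" || return 1
    if ! $APACHECTL configtest; then
        cp -p "$target.bak" "$target"
        echo "configtest failed, restored $target" >&2
        return 1
    fi
}

# Usage: sh install_modsec_rules.sh modsec_rules.txt
# The two /etc/httpd/conf paths are the ones given in the post.
if [ "$#" -eq 1 ]; then
    echo "Settings declared in both files:" >&2
    overlapping_settings /etc/httpd/conf/modsec2.conf "$1" >&2
    install_rules "$1" /etc/httpd/conf/modsec2.user.conf
fi
```

A passing configtest only shows that the configuration parses; restart Apache afterwards and repeat the test request to confirm the rules are active.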

Testing it out:
I tested the mod_security component by making the following request, which includes a banned word from one of the rules:
http://photo.society.qub.ac.uk/?action=fopen&anotheraction=delete
I received the mod_security error page:

Method Not Implemented

GET to / not supported.


IIS 1.0 Server at the.domain.name 80
