0

nano /etc/apache2/mods-enabled/security2.conf

<IfModule security2_module>
        SecDataDir /var/cache/modsecurity
        IncludeOptional /etc/modsecurity/*.conf
        IncludeOptional /usr/share/modsecurity-crs/*.load
</IfModule>

i try in .htaccess

<IfModule mod_security2.c>
    SecRuleEngine On
</IfModule>

Error: .htaccess: SecRuleEngine not allowed here

i have hestia cp and i cant edit <VirtualHost file: # DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS

dr.ipkins
  • 1
  • 1

1 Answers1

0

You can enable ModSecurity on a per site basis with the SecRuleEngine directive in a VirtualHost definition of that site.

<VirtualHost *:80>
        ServerName example.com
        ServerAlias www.example.com 
        DocumentRoot /var/www/html
        ...
        SecRuleEngine On
        ...
</VirtualHost>

Regarding your edit that you're using a control panel:

Questions involving web hosting control panels are off-topic

because they customize their systems so that standard system administration methods no longer apply. Some related topics may be asked on Webmasters or see Where can I ask questions about web hosting control panels?

My guess is that setting custom non-standard settings in a Apache VirtualHost in Hestia requires creating a custom apache2 template with the correct settings and directives and then in the advanced options select that template instead of the default one.

HBruijn
  • 77,029
  • 24
  • 135
  • 201
  • i have hestia cp and i cant edit – dr.ipkins Aug 18 '23 at 11:58
  • Repeating my last paragraph for your benefit: *"My guess is that setting custom non-standard settings in a Apache VirtualHost in Hestia requires creating a custom apache2 template with the correct settings and directives and then in the advanced options select that template instead of the default one."* – HBruijn Aug 18 '23 at 12:00
  • tanks is right way i think, but i copy default files to new names (/usr/local/hestia/data/templates/web/apache2) to new teample and not see him in list in control panel. Why? – dr.ipkins Aug 18 '23 at 14:33
  • tanks i copy defaylt files in /usr/local/hestia/data/templates/web/apache2/php-fpm and see it in list – dr.ipkins Aug 18 '23 at 14:44