0

The new cPanel/WHM has Mod Security built in, I am not talking about Config Server or other third party solutions. Does enabling this do anything or do I need to use rules like OWASP and ATOMIC provide?

I know this sounds like a simple question that could be answered with a little research but I've done a lot and even read the /usr/local/apache/conf directory. I am trying to simplify the question, my real question is what is already built in and how can it integrate more rules? Are the rules activated by default or do they need to be included in the Custom Rule? Is it a bad idea to add OWASP rules? I tried doing this and everyone's IPs started getting blocked in the firewall.

Neo
  • 11,078
  • 2
  • 68
  • 79

1 Answers1

1

Rules added only as the latest cPanel update (using 11.48.0 build 9). It has included the OWASP ModSecurity Core Rule Set which can be enabled via WHM->Security Center->Modsecurity Vendors.

Ivan
  • 1,274
  • 16
  • 22
  • Thank you, My WHM hasen't updated to this version yet, perhaps it is not in the stable release state. I have added OWASP myself manually and over time disabled about 100 false positives, rule by rule manually, I am guessing switching to this one will cause me to start over again. – Neo Feb 07 '15 at 00:51