How to Enable/Disable Modsecurity for a specific Domain on cPanel Server

How to Enable/Disable Modsecurity for a specific Domain on cPanel Server

 
Modsecurity (Also known as modsec) is a httpd firewall that will protect your websites from brute force attacks. You might see 403 forbidden error on websites if mod security is blocking your website. Check the apache logs on your server to check whether modsecurity rules are blocking your website.

First you must install ConfigServer ModSecurity Control (CMC) plugin on your cPanel server so that you can easily manage modsecurity rules from WHM frontend. CMC is a free WHM add-on developed by “ConfigServer Services”. Log into your cPanel server via SSH as ‘root’ and run the below commands to install ConfigServer ModSecurity Control (CMC) on a cPanel server.

Command to install CMC :

[root@server ~]# cd /usr/local/src
[root@server ~]# wget http://download.configserver.com/cmc.tgz
[root@server ~]# tar -xzf cmc.tgz
[root@server ~]# cd cmc
[root@server ~]# sh install.sh

After CMC installation do the below step to Enable/Disable mod security for specific domain on the server.

1. Login to WHM (Webhost Manager) as ‘root’ user

URL to access WHM : https://YourServerIP:2087
Username : Enter ‘root’ in the username field.
Password : Enter server root password in the password field.

Click on “Log In”

2. Search for “ConfigServer ModSecurity Control” in the WHM search bar
 
mod security control cpanel
 
3. Click on “ConfigServer ModSecurity Control” under “Plugins”

WHM Home >> Plugins >> ConfigServer ModSecurity Control

4. Select the domain from the dropdown and Click on “Modify User Whitelist”
 
Disable mod security
 
5. In the next page you can completely Disable/Enable ModSecurity for all domains owned by this cPanel user.
 
Turn off mod security
 
Select the radio button “Off” and click on “Select” to disable mod security

Select the radio button “On” and click on “Select” to Enable mod security for the cPanel User
 
 
You can also edit mod security for a specific domain by editing the apache configuration file /usr/local/apache/conf/httpd.conf

Edit apache configuration file httpd.conf and add the below line in the ‘Virtual host’ entry of the domain.

vi /usr/local/apache/conf/httpd.conf

< IfModule mod_security2.c >
SecRuleEngine Off
< /IfModule >

Save the Apache configuration file and exit. Do not forget to run the below two commands after editing the apache configuration file.

/usr/local/cpanel/bin/apache_conf_distiller –update

/scripts/rebuildhttpdconf

Restart Apache service after running the distiller update and rebuild apache configuration.

Command to restart apache service : service httpd restart

It is better not to disable the modsecurity protection of the domain instead disable the modsec rule Id that is causing errors on the website.

About Us

Globedrill.com is a website that publishes articles related to Linux and Devops. Globedrill was started on April 2016.

Contact Us

Email : globedrill.c@gmail.com

Copyright © 2016 Globedrill. All Rights Reserved. The content in this website is copyrighted to Globedrill.com and may not be republished either online or offline.