How to Enable/Disable Modsecurity for a specific Domain on cPanel Server
How to Enable/Disable Modsecurity for a specific Domain on cPanel Server
Modsecurity (Also known as modsec) is a httpd firewall that will protect your websites from brute force attacks. You might see 403 forbidden error on websites if mod security is blocking your website. Check the apache logs on your server to check whether modsecurity rules are blocking your website.
First you must install ConfigServer ModSecurity Control (CMC) plugin on your cPanel server so that you can easily manage modsecurity rules from WHM frontend. CMC is a free WHM add-on developed by “ConfigServer Services”. Log into your cPanel server via SSH as ‘root’ and run the below commands to install ConfigServer ModSecurity Control (CMC) on a cPanel server.
Command to install CMC :
[root@server ~]# cd /usr/local/src
[root@server ~]# wget http://download.configserver.com/cmc.tgz
[root@server ~]# tar -xzf cmc.tgz
[root@server ~]# cd cmc
[root@server ~]# sh install.sh
After CMC installation do the below step to Enable/Disable mod security for specific domain on the server.
1. Login to WHM (Webhost Manager) as ‘root’ user
URL to access WHM : https://YourServerIP:2087
Username : Enter ‘root’ in the username field.
Password : Enter server root password in the password field.
Click on “Log In”
2. Search for “ConfigServer ModSecurity Control” in the WHM search bar
3. Click on “ConfigServer ModSecurity Control” under “Plugins”
WHM Home >> Plugins >> ConfigServer ModSecurity Control
4. Select the domain from the dropdown and Click on “Modify User Whitelist”
5. In the next page you can completely Disable/Enable ModSecurity for all domains owned by this cPanel user.
Select the radio button “Off” and click on “Select” to disable mod security
Select the radio button “On” and click on “Select” to Enable mod security for the cPanel User
You can also edit mod security for a specific domain by editing the apache configuration file /usr/local/apache/conf/httpd.conf
Edit apache configuration file httpd.conf and add the below line in the ‘Virtual host’ entry of the domain.
vi /usr/local/apache/conf/httpd.conf
< IfModule mod_security2.c >
SecRuleEngine Off
< /IfModule >
Save the Apache configuration file and exit. Do not forget to run the below two commands after editing the apache configuration file.
/usr/local/cpanel/bin/apache_conf_distiller –update
/scripts/rebuildhttpdconf
Restart Apache service after running the distiller update and rebuild apache configuration.
Command to restart apache service : service httpd restart
It is better not to disable the modsecurity protection of the domain instead disable the modsec rule Id that is causing errors on the website.