How to whitelist Mod_security rules for a domain on a CPanel server

Posted: 2p in Linux
Tags: ,

How to whitelist Mod_security rules for a domain on a CPanel server

First off-all, you need to find the Rule ID. You can find it from the apache error log (grep for your IP) or if you have CSF installed and keep getting your IP blocked, check /etc/csf/csf.deny to see if its listing the mod_security rule that you were blocked from.

Once you have the rule’s id number, you will need to create the following file and directory, as some of them are not there by default.

# mkdir -p /usr/local/apache/conf/userdata/std/2/user/domain.com
# vim /usr/local/apache/conf/userdata/std/2/user/domain.com/domain.com.conf

Add the following lines and whitelist some mod_security rules.

#
SecRuleRemoveById
#

Be sure to replace with the Rule ID number of the mod_security rule you need to whitelist. Save the file, and then run the following commands, replacing with the actual cpanel user name.

Enabling the userdata includes in Apache conf
/scripts/ensure_vhost_includes –user=cpanel user

This uncomments a line in the VirtualHost entry in httpd.conf for this domain to include any .conf files in /usr/local/apache/conf/userdata/std/2/user/domain.com/

[# /usr/local/cpanel/bin/apache_conf_distiller –update
# /usr/local/cpanel/bin/build_apache_conf

These compile and distill the changes into Apache’s configuration.

Advertisements
Comments
  1. web page says:

    Its not my first time to visit this site, i am browsing this web site dailly and obtain fastidious facts from here all the time.

  2. blogspot.com says:

    Hi, I do think this is an excellent site. I stumbledupon it 😉
    I’m going to return once again since I saved as a favorite it. Money and freedom is the greatest way to change, may you be rich and continue to guide others.

  3. I am now not certain the place you are getting your information, however great
    topic. I must spend a while finding out much more or understanding more.
    Thank you for great information I used to be looking for this information
    for my mission.

  4. Everything is very open with a precise clarification of the
    challenges. It was definitely informative. Your site is very helpful.
    Thank you for sharing!

  5. Hi, I do think this is a great web site. I stumbledupon
    it 😉 I will come back yet again since I book marked it. Money and freedom is the greatest way to change, may you be
    rich and continue to help others.

  6. Spot on with this write-up, I really believe that this amazing site needs much more
    attention. I’ll probably be back again to read more, thanks for the advice!

  7. It’s going to be finish of mine day, except before ending
    I am reading this enormous paragraph to increase my experience.

  8. Ηello! I’ve been reading ʏour web site for some time ոow aոd finally got
    the bravery to gօ ahead ɑnd give you a shout ߋut from Huffman Tx!
    Jսst wanted to tell ʏߋu ƙeep up the excellent job!

  9. Wonderful article! That is the type of information that should be shared across the net.
    Shame on the seek engines for not positioning this
    put up higher! Come on over and seek advice from my web site .
    Thank you =)

  10. Aw, this was a very good post. Spending some time
    and actual effort to create a superb article… but what can I say… I put things off a lot
    and don’t manage to get nearly anything done.

  11. youtube.com says:

    For the reason that the admin of this web page is working, no doubt very quickly
    it will be famous, due to its feature contents.

  12. Wonderful beat ! I wish to apprentice while you amend your website, how can i
    subscribe for a blog website? The account aided me
    a acceptable deal. I had been tiny bit acquainted of this your broadcast offered bright clear concept

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s