What is mod_security?

What is mod_security?

ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

You can install or upgrades are performed automatically when you run EasyApache /scripts/easyapache

Once enabled easyapache, goto WHM -> Plugins -> Mod Security ->Edit Config

click  default rules

Mod security configuration will included in /etc/httpd/conf/httpd.conf apache file.

Include “/usr/local/apache/conf/modsec2.conf”

Use the following link for more about mod security options and rules.

http://www.modsecurity.org/documentation/modsecurity-apache/2.5.5/modsecurity2-apache-reference.html#N109A9

Here are some important things to know when you change between ModSecurity versions:

Upgrades are performed automatically when you run EasyApache
The ModSecurity Activity Viewer in WHM complies easily
The rule editor in WHM will automatically work with the installed version of ModSecurity’s rules.

Rule syntax is completely different and located in different locations. When you migrate between major version numbers of ModSecurity, your mod_security 1 rules will need to be redone in mod_security 2 and vice versa.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Install Free SSL Let’s Encrypt plugin in cPanel

Let’s Encrypt is a trusted, open source certificate authority that offers free SSL certificates...

Install nginx as a reverse proxy cPanel plugin

Install Nginx on your cPanel/WHM server using the Engintron cPanel Plugin as a reverse proxy. It...