ModSecurity is an opensource web application firewall (WAF) that is designed to be integrated within web servers such as Apache and Nginx and assist with mitigating commonly known attacks. Through the use of ModSecurity Domain Manager, the cPanel interface allows the user to enable and disable ModSecurity on a per-domain basis.
Before enabling this feature for cPanel users, you will want to ensure that ModSecurity is active on the server as well as making use of at least one vendor. To do this:
- Login to the WHM interface.
- Using the left-side menu, click on ModSecurity™ Vendors.
- A page will load along with a list of vendors. By default, "OWASP ModSecurity Core Rule Set VX.X" should be available. Toggle the "enabled" column to "on", this will allow ModSecurity to make use of that particular vendor.
You are now ready to enable this feature for your users. This can be done by navigating to:
- The Feature Manager interface on the left-side menu.
- You may choose to either create a new features list or modify an existing one by clicking "Edit" under "Manage feature list".
- A page with a list of features available for your server will be presented. Check the box for "ModSecurity™ Domain Manager".
- Click "Save" on the bottom-left of the page.
With these changes in effect, cPanel users can make use of the ModSecurity through their control panel.
Note: The feature within the cPanel interface is called "ModSecurity", which is different from the name in the feature manager list.