Skip to main content

ModSecurity add & remove rule for a domain

Comments

2 comments

  • cPanelMichael
    Hello @Volt55, The ModSecurity Domain Manager feature will allow you to completely enable or disable ModSecurity on account, but it doesn't allow an individual cPanel user to configure specific rules per domain. I recommend using a third-party plugin such as ConfigServer ModSecurity Control if you'd like to easily configure individual ModSecurity rules per account: ConfigServer ModSecurity Control (cmc) Thank you.
    0
  • linux4me2
    I haven't tried the plugins Michael is referring to, but you can select for a domain in your custom rule by adding the following type of SecRule to your new rule: SecRule SERVER_NAME "thedomain.com" "t:lowercase"
    To exempt a domain, you can use: SecRule SERVER_NAME "!@streq thedomain.com" "t:lowercase"
    You might run into issues with editing an existing rule, so you may want to create your own custom rule for the existing one and disable the existing rule.
    0

Please sign in to leave a comment.