Skip to main content

Custom mod_security rules disappear

Comments

4 comments

  • quizknows
    Julia, The add rules interface in WHM will add the rules to /usr/local/apache/conf/modsec2.user.conf. Some hosting providers manage this file for you, so you should check in the file /usr/local/apache/conf/modsec2.user.conf to see if there is any information in there. The owasp ruleset does get updated by cPanel so if you added custom rules to the actual OWASP rules files you should expect them to disappear. Worst case you could use a file like /usr/local/apache/conf/includes/post_virtualhost_global.conf but this shouldn't be necessary.
    0
  • cPanelMichael
    Hello, The method you used to add the custom rule should allow it to be preserved:
    0
  • spry_jdk
    Thank you, both. I see my custom rules at the bottom of /usr/local/apache/conf/modsec2.user.conf now, so the process of adding it via the WHM UI is not the issue. At the top of this file, it says the following: ## DO NOT MAKE DIRECT MODIFICATIONS TO THIS FILE. # Changes to this file may be over-written by future upgrades to mod_security rules. # If you need to whitelist rules, please use /usr/local/apache/conf/modsec2/whitelist.conf The comments appear to be from my hosting provider, so I take it to mean that they are managing mod_security rules for me in a way that isn't compatible with the current functionality provided by WHM. I'll contact them to resolve the issue. Thanks, Julia
    Hello, The method you used to add the custom rule should allow it to be preserved: "WHM Home " Security Center " ModSecurity" Tools " Rules List " Add Rule" Is your /usr/local/apache/conf/modsec2.user.conf file manipulated by another application or service? Note this is documented here:
    0
  • cPanelMichael
    Hello, I am happy to see you were able to find an answer to your question. Thank you for updating us with the outcome.
    0

Please sign in to leave a comment.