Enable gui for user to override modsec rules?

jjozwik

• September 01, 2015 09:59

Is there a gui or method already for end users to override or append a modsec rule for just their account. I can see they can turn off modsec for domains. But was looking for a place to override specific rules required for applications.

• 

  hostCAPO

  • September 02, 2015 18:36

  Hello, Look in the accounts package, feature list for the following: Mod_Security" Domain Manager Be sure this is enabled as it allows the cPanel user to enable/disable the ModSec configuration:

  0
• 

  quizknows

  • September 02, 2015 19:51

  Jeremy, jjozwik referenced that in his first post. Yes, there is a way for users to disable modsec entirely, but the domain manager does not yet support disabling individual rules (unfortunately). I have found a slight increase in hacked sites since users have been able to disable modsecurity for themselves, and I advise all of our customers to completely disable the modsecurity domain manager for their users because of this. Hopefully, this will be added in the future so that users can disable individual rule IDs for their sites without such a major risk. Many of the hacked sites I worked on recently were hacked due to the cPanel user disabling ModSecurity on their own sites. In the mean time you are left to modify the userdata includes files as referenced from httpd.conf to remove individual rule IDs on a per-site basis. This is also a feature of ConfigServer Modsec Control. You can insert lines into these files with "SecRuleRemoveByID $RULEID" to disable individual rules for the user/site.

  0
• 

  cPanelMichael

  • September 04, 2015 05:34

  Hello :) I could not find an existing feature request open for this, so it's likely a good idea to submit a feature request via: Submit A Feature Request This will allow users to track the implementation of the feature should our developers decide to implement it. Thank you.

  0

Please sign in to leave a comment.