Brian

1. Community
2. Security
3. OWASP - mod security and wordpress

] Can you tell us more about how the rule updates will work? I see there's an option to keep them automatically updated, but how and when will this trigger? Via regular automatic updates like cPane...

• View comment
• Brian
• February 05, 2015 19:50
• 0 votes

1. Community
2. Security
3. OWASP - mod security and wordpress

]Thanks for the explanation. Any chance cpanel could have a chat with Comodo WAF and add them as a vendor as their rules seem to work out of the box. Given what we're doing with OWASP is more tha...

• View comment
• Brian
• February 05, 2015 16:15
• 0 votes

1. Community
2. Security
3. OWASP - mod security and wordpress

The OWASP Rule Set is something that we definitely expect is going to further mature over the next weeks/months. When we investigated using a curated rule set for cPanel & WHM, we reached out to O...

• View comment
• Brian
• February 05, 2015 14:58
• 0 votes

1. Community
2. Security
3. ModSecurity question (in WHM 11.48)

]1. When upgrading to 11.48, will the update blow away an existing ModSecurity setup 2. In 11.48, is there a "restore ModSecurity to stock/default" ? From 11.46 and forward, there are two files ...

• View comment
• Brian
• February 05, 2015 17:00
• 0 votes

1. Community
2. Security
3. Malicious php script keeps coming back.

Blocking the IP would simply be addressing the symptom (the file existing), and not the cause (how the file is getting there). Basically, if you block the IP than anyone else can still leverage wh...

• View comment
• Brian
• November 12, 2014 19:55
• 0 votes

1. Community
2. Security
3. Mod Security in Critical Systems, Install?

In the event you change your mind with the decision you made in the Feature Manager or didn't see the Feature Showcase, you can manually enable the ModSecurity Domain Manager through the below opti...

• View comment
• Brian
• November 11, 2014 15:41
• 0 votes

1. Community
2. Security
3. Mod Security in Critical Systems, Install?

ModSecurity, like most security related features, has the potential to block users from visiting sites. The goal, as always, is to only block malicious traffic. But as with any blocking feature (...

• View comment
• Brian
• November 11, 2014 15:25
• 0 votes

1. Community
2. Security
3. How to disable Cpanel-ModSecurity on in 11.46 in WHM

When you are presented the Feature Showcase option during the upgrade to enable/disable the ModSecurity Domain Manager, it is not asking you whether to install it or not. It's already installed by...

• View comment
• Brian
• November 11, 2014 15:36
• 0 votes

1. Community
2. Security
3. How to disable Cpanel-ModSecurity on in 11.46 in WHM

Disabling the ModSecurity Domain Manager in the cPanel interface (for enabling/disabling ModSecurity per-domain) is done through the Feature Manager in WHM where you can enable/disabled other simil...

• View comment
• Brian
• November 11, 2014 15:03
• 0 votes

1. Community
2. Security
3. ConfigServer ModSec vs built in ModSecurity in 11.46 - new server setup

The cPanel ModSecurity interface through WHM is not mutually exclusive to using the ConfigServer ModSec plugin. You can effectively use both in tandem without causing ModSecurity errors/problems. ...

• View comment
• Brian
• November 11, 2014 15:11
• 0 votes