WHM Server Security – Setup & Configuration of ModSecurity
It also offers protection to a wide range of attacks. The way in which ModSecurity operates is that we set a list of rules for eg: all the POST and DELETE HTTP from any IP methods must be blocked. If the incoming HTTP connection mathes the rule, the IP from which the connection is established will be blocked by ModSecurity.
You can install ModSecurity really easy via cPanel/WHM’s Easyapache tool.
Once ModSecurity is installed you can easily manage it via WHM panel. Login to WHM and go to, Home >> Security Center
There you can see three options
Let’s see what each of these options are meant for.
This interface lets you to configure the general or global settings.
You can see a number of directives and the options for each for each of it. You may go through what each directive and the options are for by going to the details link. Just select the options and Save.
ModSecurity vendors are the providers which provides the set of ModSecurity rules. If you install a vendor, their set of rules will be installed in the server.
Just click on the install button on the right of the corresponding ModSecurity Vendor.
Click on the Install and Restart Apache button. This will add the ModSecurity rules of that vendor in the server and these rules will be active after the Apache restart.
This interface shows you the list of all the hits. i.e, all the connections that were blocked due to the ModSecurity trigger.
If you click in the Rules list, you can see the list of all the installed rules. You can also disable the rule from this interface.
You can refer Apache logs for the hits and the rule ID which triggers mod_security.
For any further assistance or queries, feel free to contact our 24*7*365 support department.