Knowledgebase: How-To
Install and Configure ModSecurity
Posted by on 14 June 2012 04:40 PM

What is ModSecurity?

ModSecurity™ is a web application firewall (WAF). With over 70% of all attacks now carried out over the web application level, organizations need every help they can get in making their systems secure. WAFs are deployed to establish an external security layer that increases security, and detects and prevents attacks before they reach web applications. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with little or no changes to existing infrastructure.

Install ModSecurity

ModSecurity is installed by default with cPanel servers via EasyApache. Your ModSecurity logs will be located at /usr/local/apache/logs/audit_log

Configuring ModSecurity

  1. Log in to WHM

  2. Click Add-Ons

  3. Click ModSecurity

  4. Click Edit

  5. Add your ModSecurity rules

    Some basic rules to start with (you can go ahead and copy and paste these if you want):

    SecFilter "bcc:|Bcc:|BCc:|BCC:|bCc:|bCC:|bcC:|BcC:" chain
    SecFilter "[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}\,\x20[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}"

     

For ModSecurity documentation, please visit their website.

(4 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
Help Desk Software by Kayako fusion
ERROR: This domain name (kb.asmallorange.com), does not match the domain name in the license key file help.asmallorange.com.

For assistance with your license, please contact the Kayako support team: https://support.kayako.com