How to enable cPanel's OWASP mod_security rules through command line

Quags

Administrator
Staff member
I personally prefer command line instead of logging into Web Host Manager. The process is faster and can be automated across many server. cPanel new mod_security rules can be easily enabled through command line.

Step 1: Make sure mod_security is enabled in easyapache.


Step2: enable them:

Code:
/scripts/modsec_vendor add [URL]http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP.yaml[/URL]
/scripts/modsec_vendor enable OWASP
/scripts/modsec_vendor enable-updates OWASP
/scripts/modsec_vendor enable-configs OWASP
Step 3:

Restart apache:

Code:
/scripts/restartsrv_httpd
 

bhawanisingh

New Member
How to check how many users have mod_security enabled/disabled on server?
Is there any way to find out?

Actually i just want to find out how many users have disabled mod_security for their domains in cPanel.
 

Quags

Administrator
Staff member
in cpanel /var/cpanel/users/userdata/domain.com(_SSL) has a line

secruleengineoff

This will show its enabled or disabled. If mod security manager is not enabled in the feature manager in cpanel there is no way to disable it.
 
Top