How to enable cPanel's OWASP mod_security rules through command line

Quags

Administrator
Staff member
I personally prefer command line instead of logging into Web Host Manager. The process is faster and can be automated across many server. cPanel new mod_security rules can be easily enabled through command line.

Step 1: Make sure mod_security is enabled in easyapache.


Step2: enable them:

Code:
/scripts/modsec_vendor add [URL]http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP.yaml[/URL]
/scripts/modsec_vendor enable OWASP
/scripts/modsec_vendor enable-updates OWASP
/scripts/modsec_vendor enable-configs OWASP
Step 3:

Restart apache:

Code:
/scripts/restartsrv_httpd
 

bhawanisingh

New Member
How to check how many users have mod_security enabled/disabled on server?
Is there any way to find out?

Actually i just want to find out how many users have disabled mod_security for their domains in cPanel.
 

Quags

Administrator
Staff member
in cpanel /var/cpanel/users/userdata/domain.com(_SSL) has a line

secruleengineoff

This will show its enabled or disabled. If mod security manager is not enabled in the feature manager in cpanel there is no way to disable it.
 

pawlo.litasi

New Member
This will show its enabled or disabled. If mod security manager is not enabled in the feature manager in cpanel there is no way to disable it.
 
Last edited by a moderator:
Top