CentOS WebPanel – Enable Mod Security

ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the “Swiss Army Knife” of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.

ModSecurity is a must-have module for your web hosting server. By default, it’s not enabled on CWP but we get a warning message:

cwp mod_security warning

Message id [1ed1025953b226625f2323f218e64682]: === SECURITY WARNING === Mod Security is NOT enabled on your server, click here to enable it!

To enable Mod Security in CWP:

  1. Log into CWP as root
  2. Navigate to Security->Mod Security. You will see a message here Mod Security configuration is: not installed
  3. Choose what rules do you want to use and click the Install Mod Security button.
    You have three options for rules:
    – OWASP old (Old rules which come as default with CWP)
    – OWASP latest (Latest version of OWASP rules with automatic updates) [CWPpro required]
    – Comodo WAF (Latest version of Comodo WAF rules with automatic updates) [CWPpro required]
  4. Confirm at the dialog box that you really want to install Mod Security
  5. You will see a log of the installation and the message Mod Security Successfully Installed
  6. For general rules modifications, you can go anytime again to Security->Mod Security and look at the files:
    Main Configuration –> /usr/local/apache/conf.d/mod_security.conf
    Rules Configuration –> /usr/local/apache/modsecurity-owasp-old/owasp.conf
    Disabled Rules –> /usr/local/apache/modsecurity-owasp-old/global_disabled_rules.conf
  7. On the Mod Security page, you can also ass rules for individual domains/subdomains. Just choose the domain from the drop-down list and click the Modify user whitelist button.

The short video tutorial for this article:

CWP – enable mod_security

This Post Has One Comment

  1. NMIMS Halo

    Way too simple… Thanks… Ketan (www.halo.co.in)

Leave a Reply