How To Enable Mod_Security cPanel Servers
Mod_Security is a widely used tool to prevent intrusion in your cPanel server but also to block common attacks. It should be enabled. Running as a layer of protection between the end-user and your cPanel server.
This OpenSource program will block malicious IPs. Alert you to attempts to find weaknesses in your server and websites.
How Does Mod_Security Work?
Mod_Security works off rules so, if a user hits any of these rules their IP will become blacklisted in the server. The IP will no longer be able to communicate with that server.
The OWASP (Open Web Application Security Project) ModSecurity™ CRS (Core Rule Set). Provided by default will greatly improve the security of your system. By using the default rules you can expect;
ModSecurity provides protection against insecure website design
ModSecurity can run as an extra layer between the end-user and your website. Websites like WordPress and Joomla are a common target for attack. Especially if the webmaster does not keep the core website files and plugins updated.
Protection against operating system-level attack
By Enabling Mod_Security you can provide added protection for your cPanel server against operating-system-level attacks.
Protection against DDoS Attacks
Even though we can protect your server against DDoS attacks up to 200TB of bad traffic. ModSecurity can also provide effective protection against DDOS attacks through its rules.
But, used in conjunction with our DDoS protection you can keep your server online throughout an attack.
How To Enable Mod_Security – cPanel
First, to enable ModSecurity you need to ensure you have the Apache module this is done via Easy Apache 4, WHM > Home > Software > EasyApache 4. Select and compile the ModSecurity Apache module into your current build.
Next, in WHM > Home > Security Center > ModSecurity Vendors install the core ruleset and enable the configuration. At this point, the software will become active and start protecting your server.
Reviewing The ModSecurity Hits
From the ModSecurity Tools page, you can see all the rules that have been hit. To access this interface navigate to WHM > Home > Security Center > ModSecurity Tools.
But, it’s possible some legitimate traffic is caught by ModSecurity rules. From this page, you can also disable and report rules that catch legitimate traffic.
How was this article? – About cPanel ModSecurity And How To Enable ModSecurity
More from cPanel
How To Install A Cloudflare Origin SSL Certificate In cPanel
Free SSL Certificates from places like cPanel or Let's Encrypt are great. When Let's Encrypt first introduces free SSL Certificates …
Create a SWAP partition on CentOS, RHEL and AlmaLinux without a reboot
SWAP is a memory type that Linux NVMe VPS Servers use to process requests. Memory will be held in SWAP …
Help fixing Error: last request failed: [AUTH] Authentication failed.
The Error: last request failed: [AUTH] Authentication failed error can be caused by a range of things. It could be …