Install Mod_Sec Control di cpanel

1. install ConfigServer ModSecurity Control (cmc) http://www.configserver.com/cp/cmc.html untuk mempermudah management user


2. download rule dari http://www.gotroot.com/mod_security+rules dan upload ke direktori /usr/local/apache/conf/modsec, create direktori modsec kalau tidak ada

3. Download semua rule misal

wget http://downloads.prometheus-group.com/delayed/rules/modsec/00_asl_whitelist.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/05_asl_exclude.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/10_asl_antimalware.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/malware-blacklist.txt
wget http://downloads.prometheus-group.com/delayed/rules/modsec/30_asl_antispam.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/domain-blacklist.txt
wget http://downloads.prometheus-group.com/delayed/rules/modsec/50_asl_rootkits.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/00_asl_rbl.conf

4. Mod_sec configurasi

# ConfigServer ModSecurity whitelist file
Include /usr/local/apache/conf/modsec2.whitelist.conf

SecRule REQUEST_URI "x=ftpquickbrute" "deny"
SecRule REQUEST_URI "wrobot\.php"
SecRule REQUEST_URI "/wrobot/"

SecCacheTransformations Off
SecRequestBodyAccess On
SecResponseBodyAccess On
SecResponseBodyMimeType (null) text/html text/plain text/xml
SecResponseBodyLimit 2621440
SecArgumentSeparator "&"
SecCookieFormat 0
SecRequestBodyInMemoryLimit 131072
SecResponseBodyLimitAction ProcessPartial
SecUploadDir /tmp
SecTmpDir /tmp
SecDataDir /tmp
SecServerSignature Apache
SecPcreMatchLimit 100000
SecPcreMatchLimitRecursion 100000

#Include /usr/local/apache/conf/modsec/00_asl_whitelist.conf
Include /usr/local/apache/conf/modsec/05_asl_exclude.conf
Include /usr/local/apache/conf/modsec/10_asl_antimalware.conf
#Include /usr/local/apache/conf/modsec/malware-blacklist.txt
#Include /usr/local/apache/conf/modsec/30_asl_antispam.conf
#Include /usr/local/apache/conf/modsec/domain-blacklist.txt
Include /usr/local/apache/conf/modsec/50_asl_rootkits.conf
#Include /usr/local/apache/conf/modsec/00_asl_rbl.conf

Was this answer helpful?

 Print this Article

Also Read

Installing mod_cloudflare on cPanel

You can install mod_cloudflare on your cPanel server by running the following command:sudo perl...

How to Change Your FTP Port

Lately FTP has been a problem for a lot of hosting providers. Especially since the recent influx...

Mysqldump dengan PHP

Berikut ini script untuk membuat backup database dengan mysqldump pada script php  ...

Install Clamav cPanel Command Line

Berikut perintah untuk install clamav tanpa harus login ke WHM...

EasyApache Bandwidth Module

The module used for limiting bandwidth usage differs depending on the branch of apache you are...

Powered by WHMCompleteSolution