ConfigServer ModSecurity Control (cmc)
This is an exclusive! and free! add-on product for cPanel/WHM. The product provides you with an interface to the cPanel mod_security implementation from within WHM.
With ConfigServer ModSecurity Control you can:
- Disable mod_security rules that have unique ID numbers on a global, per cPanel user or per hosted domain level
- Disable mod_security entirely, also on a global, per cPanel user or per hosted domain level
- Edit files containing mod_security configuration settings in /usr/local/apache/conf
- View the latest mod_security log entries
- Apache v2+
- mod_security v2.5+ installed via Easyapache
- A set of mod_security rules each of which uses a unique ID
A recommended selection of rules can be obtained from ModSecurity Core Rule Set Project and Got Root. Care should be exercised with these rulesets as they can increase server resource usage by Apache child processes significantly.
This utility uses concepts explained in this section of the cPanel documentation.
The latest version of cmc can be downloaded here: cmc.tgz
Please visit our ConfigServer Scripts Forum
This application is released under our script license. It is released free of charge, with no warranty to its suitability. There is no support provided with this application except through our online help forums.
While we are happy to provide these scripts for free, we are a small outfit that runs on a slim margin. If you do decide to use them, we'd be eternally grateful for any donation you think might express your gratitude so that we can continue to develop and provide them:
That's it. If you don't feel confident doing any of this yourself, or if you get into a horrible mess, we do have cPanel Server Services that include the installation and configuration of this application.