Think of mod_security as an intrusion detection and prevention engine for web applications. Essentially, it will mitigate malicious http requests, namely cross-site scripting exploits, before apache itself even has a chance to fully process it. If configured correctly, mod_security can provide umbrella protection to vulnerable scripts/web-applications hosted by your users.
Grab the source and unpack (check for newest version at http://www.modsecurity.org/download/)
MOD_SECURITY INSTALLER FOR cPanel.
1. Run /scripts/easyapache and follow the on screen menu to enable the mod_security module within Apache 2.x. (This installs mod_security 2.5.5 which is required for this ruleset)
2. As root, run "wget -O /root/install_modsec_rules http://403security.org/modsec/install_modsec_rules"
3. As root, run "sh /root/install_modsec_rules" and follow the on screen instructions.
403Security has made a simple script to update your ModSecurity rules.
- wget -O /root/install_modsec_rules http://403security.org/modsec/install_modsec_rules
- sh /root/install_modsec_rules
Was this answer helpful?
If you are renting a server then chances are everything is lumped in / and a small amount...
Ports that must be open to run cPanel behind a firewall: 20 -- ftp tcp inbound/outbound 21 --...
pico -w /etc/ssh/sshd_config Find the line '#Port 22' and uncomment it and change it to look...
Use the last command.Example: last -30 will displaly the last 30 people.
Disabling Direct Root Login (SSH) If you're using cPanel make sure you add your anotheruser...