How to Enable ModSecurity™ Domain Manager via WHM Panel?

Deploying ModSecurity, an open-source web application firewall (WAF) from cPanel, is a viable solution against various online threats. Before users can utilize the application on their domains, it is essential to activate the ModSecurity™ Domain Manager via WHM on the server. 

To enable ModSecurity™ Domain Manager, follow these steps:

  1. Log in to the WHM interface using your root account.

  2. Navigate to the Security Center in the menu options.

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2021/08/whm_security_center.png

  1. Select "ModSecurity™ Vendors."

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2021/08/whm_modsecurity_vendors.png

The Manage Vendors page will be displayed.

  1. Initially, install the "OWASP ModSecurity Core Rule Set VX.X" version from the vendor by clicking on +install.

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2021/08/whm_modsecurity_install.png

  1. Select the "Install and Restart Apache" button.

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2021/08/whm_install_restart_apache.png

The system will display a success message: "You have successfully installed the vendor: OWASP ModSecurity Core Rule Set VX.X."

  1. Turn on the toggle button in the Enabled column.

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2021/08/whm_modsecurity_enable_toggle.png

It will encompass all sets of the ModSecurity application for the installed vendor.

You can customize the sets included in the ModSecurity application for the vendor.

  1. Select "Edit."

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2021/08/whm_modsecurity_edit.png

  1. Adjust the status of any sets to On or Off for the vendor's ModSecurity based on your preferences.

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2021/08/whm_modsecurity_edit_enable.png

Now, you need to activate the ModSecurity feature for your cPanel accounts.

To Enable ModSecurity for cPanel Accounts:

  1. Return to the home page of the interface.

  2. Choose the "Packages" option from the navigation menu.

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2019/10/whm_packages.png

  1. Access the Feature Manager.

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2019/10/whm_feature_manager.png

You have two options here:

  • Add a new features list: Create a new feature list from the beginning and apply it to a cPanel account.

  • Manage feature list: Add the ModSecurity™ Domain Manager feature to the existing list you are currently using for a cPanel account.

Let's choose the second option.

  1. Click the "Edit" button under the Manage feature list.

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2019/12/whm_feat_list_edit.jpg

The list of all available features for your server will be displayed.

  1. Check the box for the ModSecurity™ Domain Manager feature.

https://www.milesweb.in/hosting-faqs/wp-content/uploads/2021/08/whm_modsecurity_feature_list.png

  1. Scroll down and click the Save button.

By doing so, you will have activated ModSecurity for the cPanel accounts. Users can manage the application's status through their cPanel interface, enabling or disabling it as needed.


Was this article helpful?

mood_bad Dislike 0
mood Like 0
visibility Views: 517