Install FREE modsecurity rules for 2014
Whereas gotroot decided to go to a paid version of mod security rules this has left low margin web hosts and a bit out in the cold. Comodo has awesomely stepped in to provide a free ruleset and a WHM app. More information can be found on their website here.
To install you will need to sign up as a member (free). And download and install the WHM tool.
Pre-requisite - be sure to run easyapache and have the latest version of Mod Security installed (currently 2.7.7) or errors will be displayed after installing the Comodo app.
To install quickly:
In SSH session as root, in the root directory run the following commands:
Go through install procedure,
enter username and password to Comodo that you used when you signed up when it asks,
This is where the comodo intructions get sketchy. It will not work until you link to the rule set in the mod_security config file (via WHM). When finished installing, log into WHM on your VPS or dedicated server. Scroll down to Mod Security link and replace* or add to the config file with the following line and save, then restart apache:
* you will replace everything in there with this one line if the default rules or your old huge list of rules are there
Click (in WHM still) Comodo WAF link and download the latest rules (currently 0.41), this will download the latest rule set.
Restart the Apache web server. Although, the Comodo WAF app will also restart apache after downloading the rules, and if there is an error it will revert to no rules, which is kind of nice.
Install is complete.
Optionally, install the CSF mod_security controller in order to have some further browser based control over mod_security.
tar -xzf cmc.tgz
Refresh WHM and scroll to the bottom of the left hand menu and you should see "ConfigServer ModSecurity Control"
To make sure it is working - After a while check the log file and look for pattern matches with the COMODO WAF rules showing up. On a fairly busy server it should show up quickly.
Update: After twitting this we were contacted by ModSecurity about this page.
Was this answer helpful?
Before you install cPanel & WHM or cPanel DNSONLY, you should know that: Because cPanel is...
After purchasing the license, SSH to your cPanel server as root and run...
On Page-Zone servers and VPS (virtual private servers) running Linux Operating system where the...
Monitoring or reboots can be easily taken care of on the road as our control panel will format...
The following partial list of main features are available from inside your VPS control panel:...