Knowledgebase

Portal Home > Knowledgebase > cPanel > Install Mod_Sec Control di cpanel

Install Mod_Sec Control di cpanel

1. install ConfigServer ModSecurity Control (cmc) http://www.configserver.com/cp/cmc.html untuk mempermudah management user


2. download rule dari http://www.gotroot.com/mod_security+rules dan upload ke direktori /usr/local/apache/conf/modsec, create direktori modsec kalau tidak ada

3. Download semua rule misal

wget http://downloads.prometheus-group.com/delayed/rules/modsec/00_asl_whitelist.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/05_asl_exclude.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/10_asl_antimalware.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/malware-blacklist.txt
wget http://downloads.prometheus-group.com/delayed/rules/modsec/30_asl_antispam.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/domain-blacklist.txt
wget http://downloads.prometheus-group.com/delayed/rules/modsec/50_asl_rootkits.conf
wget http://downloads.prometheus-group.com/delayed/rules/modsec/00_asl_rbl.conf

4. Mod_sec configurasi

# ConfigServer ModSecurity whitelist file
Include /usr/local/apache/conf/modsec2.whitelist.conf

SecRule REQUEST_URI "x=ftpquickbrute" "deny"
SecRule REQUEST_URI "wrobot\.php"
SecRule REQUEST_URI "/wrobot/"

SecCacheTransformations Off
SecRequestBodyAccess On
SecResponseBodyAccess On
SecResponseBodyMimeType (null) text/html text/plain text/xml
SecResponseBodyLimit 2621440
SecArgumentSeparator "&"
SecCookieFormat 0
SecRequestBodyInMemoryLimit 131072
SecResponseBodyLimitAction ProcessPartial
SecUploadDir /tmp
SecTmpDir /tmp
SecDataDir /tmp
SecServerSignature Apache
SecPcreMatchLimit 100000
SecPcreMatchLimitRecursion 100000

#Include /usr/local/apache/conf/modsec/00_asl_whitelist.conf
Include /usr/local/apache/conf/modsec/05_asl_exclude.conf
Include /usr/local/apache/conf/modsec/10_asl_antimalware.conf
#Include /usr/local/apache/conf/modsec/malware-blacklist.txt
#Include /usr/local/apache/conf/modsec/30_asl_antispam.conf
#Include /usr/local/apache/conf/modsec/domain-blacklist.txt
Include /usr/local/apache/conf/modsec/50_asl_rootkits.conf
#Include /usr/local/apache/conf/modsec/00_asl_rbl.conf

Apakah ini membantu?
39 Pengguna Menemukan Ini Bermanfaat 82 Votes

Also Read