Security --> Mod Security
In this module you can install, uninstall and configure the server’s security policies.
In the Installation tab there are options that you can only use if you acquire the license.
Mod Security in CWP:
.-Login to CWP as root
.-Go to Security-> Security Mod. You will see a message here Mod Security configuration is: not installed
.-Choose which rules you want to use and click the Install Mod Security button.
You have three options for the rules:
.-OWASP old (Old rules that come by default with CWP)
.-OWASP Latest (Latest version of OWASP rules with automatic updates) [CWPprorequired]
.-Comodo WAF (latest version of Comodo WAF rules with automatic updates) [CWPprorequired]
Confirm in the dialog that you really want to install Mod Security
You will see a log of the installation and the message Mod Security Successfully Installed
To modify the general rules, you can go at any time to Security-> Mod Security and look at the files:
Main configuration -> /usr/local/apache/conf.d/mod_security.conf
Rules configuration -> /usr/local/apache/modsecurity-owasp-old/owasp.conf
Disabled rules -> /usr/local/apache/modsecurity-owasp-old/global_disabled_rules.conf
On the Mod Security page, you can also assign rules for individual domains / subdomains. Just choose the domain from the dropdown list and click the Modify User Whitelist button.
Configuration: You can choose how you want to handle the security rules based on priority.
Accounts: You can enable or disable Mod Security by domain and by user.
You can edit the security rules and verify if any IP is blocked or has had an error with the defined security rules.
Error Log: You will be able to see the list of all the locks that the server has made according to the Mod Security configuration established.
Click play the video to know how Mod Security works.