The ConfigServer ModSecurity Control(CMC) is another useful feature in which we can manage mod_security rules and configuration from within the WHM panel. CMC is a free add-on product for cPanel which provides a user-friendly web-interface for managing mod_security. Through this mod-security addon, we can enable or disable mod-security for a particular cPanel account or we can disable any individual rules on per account or per-domain basis. The following ones are the list of advantages of ConfigServer ModSecurity Control(CMC):
1) Disable mod_security rules that have unique ID numbers on a global, per cPanel user or per hosted domain level
2) Disable mod_security entirely, also on a global, per cPanel user or per hosted domain level
3) Edit files containing mod_security configuration settings in /usr/local/apache/conf
4) View the latest mod_security log entries
This feature also helps us to track the log entry for the domain which hosted on our server. Through that, we can understand if any of the rules cause any issues for the domains. So we can disable such rules for the domain through the interface.
I’ve listed out the requirements for this feature below:
1) Apache v2+
2) mod_security v2.5+ installed via EasyApache
3) A set of mod_security rules each of which uses a unique ID
Let’s discuss the steps to install ConfigServer ModSecurity Control in the cPanel server.
Installations:
cd /usr/src rm -fv /usr/src/cmc.tgz wget http://download.configserver.com/cmc.tgz tar -xzf cmc.tgz cd cmc sh install.sh rm -Rfv /usr/src/cmc*
Once the installation completed, then you can see the ConfigServer ModSecurity Control management area via your WHM panel under the section “Plugins”.