Search The Hostwinds Guides Knowledge Base

How to Configure ModSecurity in WHM

Hostwinds VPS, Cloud and Dedicated Server clients have the option to configure WHM to fit their needs. 

Your WHM comes with a free web app called ModSecurity. It’s helpful for dealing with common attacks, such as trojans, SQL injections, session hijacking and more. To adjust your ModSecurity settings on a global scale, log in to your WHM account and head to Security Center => ModSecurity Configuration.

 

ModSecurity Configuration icon in WHM

 

What Settings Can I Change?

On the Configure Global Directives you’ll be given an interface to configure your settings.  Review the list below to see what you can adjust.

  • Audit Log Level – Change the behaviour of the audit engine and for which transactions would be logged.
  • Connections Engine – Determines the behaviour of the connections engine (SecConnEngine), if it should process rules or not.
  • Rules Engine – Like the connections engine setting, this applies to the rules engine(SecRuleEngine) and if it should process the rules.
  • Backend Compression – This setting allows disabling of backend compression, while leaving the frontend compression enabled for use.
  • Geolocation Database – Here you can specify a path to the Geolocation database that you will be using. By default, this will be blank.
  • Google Safe Browsing Database – Similar to the Geolocation Database, though this applies to Google Safe Browsing. This is blank as well.
  • Guardian Log – This allows you to set an external program to pip the transaction logs to for additional analysis.
  • Project Honey Pot Http:BL API Key – You can specify your API key for use with the @rbl operator.
  • Perl Compatible Regular Expressions Library Match Limit – Specify the match limit of the Perl Compatible Regular Expressions Library, by default this will be 1500 (even if left blank).
  • Perl Compatible Regular Expressions Library Match Limit Recursion – Similar to the option above, except this affects the Match Limit Recursion for the same library.

 

If you should have any questions or would like assistance, do feel free to contact us through Live Chat, on our Phones, or by submitting a ticket with our Technical Support team.