Get list of customers with modsecurity "off"

[sahostking]

We find from time to time customers that turn off modsecurity. This causes issues with security for their websites.

Anyone know how to get a list of all domains that have turned it off in modsecurity?

I'd like to turn it on for all and then hide the icon from the menu section in directadmin so now one can turn it off at all and let support rather assist in sorting out the actual issue rather than having an important feature like this off.

 

[Hostmavi]

Hi
if you wan to disable modsecurity icon user DA panel just use command

/usr/local/directadmin/direcadmin set never_commands CMD_MODSECURITY
service directadmin restart

check the file if this file exist than user(s) made Change on the modsecurity Setting for domain
username = DA username
domainmane = user domain

/usr/local/directadmin/data/users/username/domains/domainname.modsecurity_rules

in the file check this

SecRuleEngine Off (modsecurity disabled)

SecRuleEngine ON (modsecurity enabled)

if you made any manuel changing on the file you have to restart apache



use following command list all users modsecurity Off

find /usr/local/directadmin/data/users/* -type f -exec grep -H 'SecRuleEngine Off' {} \;

ps don't delet the file

/usr/local/directadmin/data/users/username/domains/domainname.modsecurity_rules

just edit it SecRuleEngine ON to enable modsecurity .

or enable it again from DA panel from users
!! do it befor you disable modsecurity icon from users DA panel !!

 

[sahostking]

Thanks this helps alot