Mod_security enable and disable in panel

skym4n

Verified User
Joined
Aug 1, 2020
Messages
83
Location
Brazil
Hello, a very interesting feature that has in cpanel is the user option to disable modsecurity through the panel.

Does Directadmin have this option?

I have a client that uses Moodle, I'm having a problem with modsecurity, the only way I found to solve the problem in moodle was to disable modsecurity on the entire server.

I am using Openlitespeed, is there any tool on the panel to disable this client only?

Error log

Code:
{"transaction":{"client_ip":"xx.70.33.153","time_stamp":"Thu Aug 13 10:27:08 2020","server_id":"4fc23b978f8fdcdb29b63f0f2c07f7ceb49a5483","client_port":11951,"host_ip":"xxssa-consultores.online","host_port":443,"unique_id":"159732522877.942380","request":{"method":"POST","http_version":1.1,"uri":"/lib/editor/atto/a$
{"transaction":{"client_ip":"xx.70.33.153","time_stamp":"Thu Aug 13 10:28:08 2020","server_id":"4fc23b978f8fdcdb29b63f0f2c07f7ceb49a5483","client_port":11951,"host_ip":"xxssa-consultores.online","host_port":443,"unique_id":"159732528864.079052","request":{"method":"POST","http_version":1.1,"uri":"/lib/editor/atto/a$
{"transaction":{"client_ip":"xx.70.33.153","time_stamp":"Thu Aug 13 10:29:08 2020","server_id":"4fc23b978f8fdcdb29b63f0f2c07f7ceb49a5483","client_port":11951,"host_ip":"xxssa-consultores.online","host_port":443,"unique_id":"159732534820.846562","request":{"method":"POST","http_version":1.1,"uri":"/lib/editor/atto/a$
{"transaction":{"client_ip":"xx.70.33.153","time_stamp":"Thu Aug 13 10:30:08 2020","server_id":"4fc23b978f8fdcdb29b63f0f2c07f7ceb49a5483","client_port":11951,"host_ip":"xxssa-consultores.online","host_port":443,"unique_id":"159732540873.769177","request":{"method":"POST","http_version":1.1,"uri":"/lib/editor/atto/a$
{"transaction":{"client_ip":"xx.70.33.153","time_stamp":"Thu Aug 13 10:31:08 2020","server_id":"4fc23b978f8fdcdb29b63f0f2c07f7ceb49a5483","client_port":11951,"host_ip":"xxssa-consultores.online","host_port":443,"unique_id":"159732546817.393454","request":{"method":"POST","http_version":1.1,"uri":"/lib/editor/atto/a$
 
This option is not displayed on my panel.

I see you use a thema with an old look, is this my problem? how do i use this thema?

Thank you for your help.

hoje1.png
hoje2.png
 
yes mod security is installed and enabled, i am using openlitespeed, this may be the problem.
from what I saw I also can't disable it by .htacess.
 
@smtalk I did the step-by-step above, but I didn't notice a difference.


Should the option appear to disable modsecurity on the account?

Code:
[root@servidor directadmin]# ./directadmin o
Compiled on 'CentOS 7.0 64-Bit'
Compile time: Aug 13 2020 at 11:17:57
Timestamp: '1597339041'
Compiled with IPv6
Static binary: yes
commit sha: 6f8827a
gettext support: yes
gettext path: /usr/local/directadmin/data/lang
 
@smtalk the option appears on the panel, but it does not work.

I already added the rule and it didn't work, I even put the option off. it also didn't work. Has this been tested with openlitespeed?


bessamod1.png
bessamod2.png
 
yes, it was restarted but not work.

Where is this setting saved? is it in any file in the hosting account? if possible inform so that I can check if after the change is generating any change.
 
Replace username with the real user:
Code:
/usr/local/directadmin/data/users/username/openlitespeed.conf
 
I checked, it doesn't really work, no settings are saved in this file.

Code:
# Auto generated openlitespeed config file by DirectAdmin version 1.61.3
# Modifying this file is not recommended as any changes you make will be
# overwritten when the user makes any changes to their website

# For global config changes that affect all Users, see this guide:
# http://help.directadmin.com/item.php?id=2
# For local config changes that only affect one User, see this guide:
# http://help.directadmin.com/item.php?id=3


virtualHost xxxx-consultores.online-80 {
  user                    cxxxx
  group                   cxxxx
  vhRoot                  /home/cxxxx
  allowSymbolLink         1
  enableScript            1
  restrained              1
  setUIDMode              2
  # listeners  listener1, listener2, listener3
  listeners xxxx-99-47-145-80
  #VirtualHost config settings
  docRoot                   /home/cxxxx/domains/xxxx-consultores.online/public_html
  vhDomain                  xxxx-consultores.online
  vhAliases                 www.xxxx-consultores.online
  adminEmails               [email protected]
  enableGzip                1
  enableIpGeo               1
  errorlog /var/log/httpd/domains/xxxx-consultores.online.error.log {
    useServer               0
    logLevel                NOTICE
    rollingSize             0
  }
  accesslog /var/log/httpd/domains/xxxx-consultores.online.log {
    useServer               0
        logFormat               %a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"
    logHeaders              5
    rollingSize             0
  }
  accesslog /var/log/httpd/domains/xxxx-consultores.online.bytes {
    useServer               0
    logFormat               %O %I
    rollingSize             0
  }
  scripthandler  {
    add                     lsapi:lsphp72 inc
    add                     lsapi:lsphp72 php
    add                     lsapi:lsphp72 phtml
    add                     lsapi:lsphp72 php72
  }
  phpIniOverride  {
    php_admin_flag engine ON
    php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f [email protected]"
    php_admin_value open_basedir "/home/cxxxx/:/tmp:/var/tmp:/opt/alt/php72/usr/share/pear/:/dev/urandom:/usr/local/lib/php/:/usr/local/php72/lib/php/"
    php_admin_value mail.log /home/cxxxx/.php/php-mail.log
  }
  rewrite  {
    enable                  1
    autoLoadHtaccess        1
  }
  # include aliases
  include /usr/local/lsws/conf/httpd-alias.conf
}

virtualHost xxxx-consultores.online-443 {
  user                    cxxxx
  group                   cxxxx
  vhRoot                  /home/cxxxx
  allowSymbolLink         1
  enableScript            1
  restrained              1
  setUIDMode              2
  # listeners  listener1, listener2, listener3
  listeners xxxx-99-47-145-443
  #VirtualHost config settings
  docRoot                   /home/cxxxx/domains/xxxx-consultores.online/private_html
  vhDomain                  xxxx-consultores.online
  vhAliases                 www.xxxx-consultores.online
  adminEmails               [email protected]
  enableGzip                1
  enableIpGeo               1
  errorlog /var/log/httpd/domains/xxxx-consultores.online.error.log {
    useServer               0
    logLevel                NOTICE
    rollingSize             0
  }
  accesslog /var/log/httpd/domains/xxxx-consultores.online.log {
    useServer               0
        logFormat               %a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"
    logHeaders              5
    rollingSize             0
  }
  accesslog /var/log/httpd/domains/xxxx-consultores.online.bytes {
    useServer               0
    logFormat               %O %I
    rollingSize             0
  }
  scripthandler  {
    add                     lsapi:lsphp72 inc
    add                     lsapi:lsphp72 php
    add                     lsapi:lsphp72 phtml
    add                     lsapi:lsphp72 php72
  }
  phpIniOverride  {
    php_admin_flag engine ON
    php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f [email protected]"
    php_admin_value open_basedir "/home/cxxxx/:/tmp:/var/tmp:/opt/alt/php72/usr/share/pear/:/dev/urandom:/usr/local/lib/php/:/usr/local/php72/lib/php/"
    php_admin_value mail.log /home/cxxxx/.php/php-mail.log
  }
  rewrite  {
    enable                  1
    autoLoadHtaccess        1
  }
  vhssl  {
    keyFile                 /usr/local/directadmin/data/users/cxxxx/domains/xxxx-consultores.online.key
    certFile                /usr/local/directadmin/data/users/cxxxx/domains/xxxx-consultores.online.cert.combined
    certChain               1
    sslProtocol             24
  }
  # include aliases
  include /usr/local/lsws/conf/httpd-alias.conf
 
Please let us know the output of:
Code:
grep -r MOD_SECURITY_RULES /usr/local/directadmin/data/templates/
ls /usr/local/directadmin/data/templates/custom
 
Okay, one more then:
Code:
grep -r modsecurity_rules_file /usr/local/directadmin/data/users/
 
Back
Top