ModSecurity - default disabled - how?

matkra

Hello,

I would like to have ModSecurity disabled by default for new users/domains.

Users who wish to enable it can do so themselves - turn it on intentionally for every domain.

How to configure the DA to add a "SecRuleEngine off" entry in .modsecurity_rules file for new domains/users?

Can I use custom /usr/local/directadmin/data/templates/mod_security_rules.conf for this purpose?

Like:

SecRuleEngine off
|CUSTOM1|
|FLAGS|
|DISABLEDRULES|
|CUSTOM2|
 
Or incorporate some logic into the "domain_create_post.sh" script to generate a ".modsecurity_rules" file for every new domain with "SecRuleEngine off"?

Perhaps someone has an idea on how to solve this?
 
My workaround (I don't know if it's the most elegant one, but it works):

/usr/local/directadmin/scripts/custom/domain_create_post.sh

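# ModSecurity disabled for new domains
# ($username and $domain come from the environment DirectAdmin passes to the hook)
F="/usr/local/directadmin/data/users/$username/domains/$domain.modsecurity_rules"

# Only create the file if it does not exist yet, so an existing setting is kept
if [ ! -f "$F" ]; then
    echo "" > "$F"
    echo "SecRuleEngine Off" >> "$F"
    /usr/bin/chown diradmin:diradmin "$F"
fi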

/usr/local/directadmin/scripts/custom/subdomain_create_post.sh

# ModSecurity disabled for new subdomains
# ($username, $domain and $subdomain come from the environment DirectAdmin passes to the hook)
D="/usr/local/directadmin/data/users/$username/domains/$domain.subdomains_modsecurity_rules"
F="$D/$subdomain.modsecurity_rules"

# Create the per-domain directory for subdomain rules if it is missing
if [ ! -d "$D" ]; then
    mkdir -p "$D"
    /usr/bin/chown diradmin:diradmin "$D"
fi

# Only create the file if it does not exist yet, so an existing setting is kept
if [ ! -f "$F" ]; then
    echo "" > "$F"
    echo "SecRuleEngine Off" >> "$F"
    /usr/bin/chown diradmin:diradmin "$F"
fi
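
With hooks like these in place, every new domain and subdomain starts without ModSecurity until its owner turns it on, so an inventory of where the engine is off is useful. The script below is an added example, not part of the original post or of DirectAdmin's own tooling. It assumes the file layout used by the hook scripts above and that $subdomain holds only the subdomain label; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: list hosts whose per-domain rules file turns ModSecurity off.
# Assumption: layout is <base>/<user>/domains/<domain>.modsecurity_rules and
# <domain>.subdomains_modsecurity_rules/<sub>.modsecurity_rules, as in the hooks.

# Print the effective SecRuleEngine value of one file, lowercased.
# The last uncommented directive wins; prints nothing if none is present.
engine_state() {
    awk 'tolower($1) == "secruleengine" { v = tolower($2) }
         END { if (v != "") print v }' "$1"
}

# Print "user<TAB>host" for every domain or subdomain with the engine off.
audit_modsec_off() {
    base=$1
    for f in "$base"/*/domains/*.modsecurity_rules \
             "$base"/*/domains/*.subdomains_modsecurity_rules/*.modsecurity_rules; do
        [ -f "$f" ] || continue                  # unmatched glob or not a file
        [ "$(engine_state "$f")" = "off" ] || continue
        rel=${f#"$base"/}
        user=${rel%%/*}
        name=$(basename "$f" .modsecurity_rules)
        case $f in
            */*.subdomains_modsecurity_rules/*)
                # Assumption: the file is named after the subdomain label only
                parent=$(basename "$(dirname "$f")" .subdomains_modsecurity_rules)
                name=$name.$parent ;;
        esac
        printf '%s\t%s\n' "$user" "$name"
    done
}

# Constructed sample tree, for trying the audit without a DirectAdmin server.
make_sample_tree() {
    d=$1/alice/domains
    mkdir -p "$d/example.com.subdomains_modsecurity_rules"
    printf '\nSecRuleEngine Off\n' > "$d/example.com.modsecurity_rules"
    printf 'SecRuleEngine Off\n' \
        > "$d/example.com.subdomains_modsecurity_rules/blog.modsecurity_rules"
    printf '# SecRuleEngine Off\nSecRuleEngine On\n' > "$d/example.org.modsecurity_rules"
}

# Default to the data directory used in the thread; pass another base to override.
audit_modsec_off "${1:-/usr/local/directadmin/data/users}"
```

Run it as a user that can read the DirectAdmin data directory, or call make_sample_tree on a temporary directory and pass that directory as the first argument.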
 