Page 1 of 1
Is there any way to allow customer disable ModSecurity rules directly?
Posted: 08 Dec 2020, 17:44
by geekytone
Hello,
Is there any way to allow customer disable ModSecurity rules directly? Because at this time, I have to manage all tickets related to ModSecurity one by one and setup them in the CMC at the WHM side.
Re: Is there any way to allow customer disable ModSecurity rules directly?
Posted: 18 Dec 2020, 18:59
by jcx
I was wondering the same thing too. I love CMC, but it would be nice if you could allow an end-user (A cPanel user) to be able to control which rules are enabled or disabled, without having to file a support ticket each time. Similar to how it works with MSFE?
I think what would be awesome is to be able to specify which rules can be controlled by an end user for compatibility. I know cPanel has a 'Mod Security' module which you can enable, but I find that if people experience problems with mod security, they are likely to just completely disable it for a domain, rather than whitelist the rules that are causing compatibility issues with whatever software they are using. So not only do you lose the additional protection offered against vulnerabilities in unpatched software, but also disable the quite useful features too like brute-force protection.
Of course, if it doesn't make sense to an end user, they are still quite free to open a support ticket, just some people are 'advanced users' so already know how to fix it.
Just an idea?
Kind regards,
Jessica
Re: Is there any way to allow customer disable ModSecurity rules directly?
Posted: 18 Oct 2021, 23:08
by FutherForward20
Most users don't have a clue about Modsec which is why they hire you. If they do understand how to use it and disable rules etc, then really why are they using cpanel ? they should probably be running their own server.
I'd say leave things as they are and use the opportunity to sell your maintenance expertise to the end user. Make it chargeable work - or do you always give away your time for free? In which case, you're too cheap.
Re: Is there any way to allow customer disable ModSecurity rules directly?
Posted: 19 Oct 2021, 04:24
by Sergio
geekytone wrote: ↑08 Dec 2020, 17:44
Hello,
Is there any way to allow customer disable ModSecurity rules directly? Because at this time, I have to manage all tickets related to ModSecurity one by one and setup them in the CMC at the WHM side.
Yes, there is a way for what you want.
In WHM go to future manager and edit the default user list and enable the option:
ModSecurity™ Domain Manager
That option allows your customers to Turn ON or OFF ModSecurity as pleased.
So, when one of my customers had issues working on a web page or updating blogs, etc. I recommend him to go to that option in cPanel and turned it OFF while he is working on the site and I told him to be double sure to enable ModSecurity again when he finish working so the site will be protected again.
This had worked for me really nice.
Sergio