ModSecurity™ Configuration

Configure Global Directives

This interface allows you to configure a number of global settings for ModSecurity™. For more information about each supported directive, you can review additional details using the links provided with each directive.
SecAuditEngine
This setting controls the behavior of the audit engine.
Recommended
Debug Only Security Alert: We strongly recommend that you do not select this option. This option causes Apache to log every transaction, including your users’ and clients’ private data. The resulting log files will fill your system’s file partitions quickly.

SecConnEngine
This setting controls the behavior of the connections engine.
SecConnEngine
This setting controls the behavior of the connections engine.
If the “SecConnEngine” directive does not appear in “modsec2.conf”, its default value is “Off”.

SecRuleEngine
This setting controls the behavior of the rules engine.
SecRuleEngine
This setting controls the behavior of the rules engine.
If the “SecRuleEngine” directive does not appear in “modsec2.conf”, its default value is “Off”.

SecDisableBackendCompression
Disables backend compression while leaving the frontend compression enabled.
SecDisableBackendCompression
Disables backend compression while leaving the frontend compression enabled.
If the “SecDisableBackendCompression” directive does not appear in “modsec2.conf”, its default value is “Off”.

SecGeoLookupDb
Specify a path for the geolocation database.
SecGeoLookupDb
Specify a path for the geolocation database.

SecGsbLookupDb
Specify a path for the Google Safe Browsing Database.
SecGsbLookupDb
Specify a path for the Google Safe Browsing Database.

SecGuardianLog
Specify an external program to pipe transaction log information to for additional analysis. The syntax is analogous to the .forward file, in which a pipe at the beginning of the field indicates piping to an external program.
SecGuardianLog
Specify an external program to pipe transaction log information to for additional analysis. The syntax is analogous to the .forward file, in which a pipe at the beginning of the field indicates piping to an external program.

SecHttpBlKey
Specify a Project Honey Pot API Key for use with the @rbl operator.
SecHttpBlKey
Specify a Project Honey Pot API Key for use with the @rbl operator.

SecPcreMatchLimit
Define the match limit of the Perl Compatible Regular Expressions library.
SecPcreMatchLimit
Define the match limit of the Perl Compatible Regular Expressions library.

SecPcreMatchLimitRecursion
Define the match limit recursion of the Perl Compatible Regular Expressions library.
SecPcreMatchLimitRecursion
Define the match limit recursion of the Perl Compatible Regular Expressions library.
If the “SecPcreMatchLimitRecursion” directive does not appear in “modsec2.conf”, its default value is “1500”.

Interface Analytics

cPanel, L.L.C. uses Interface Analytics to help us understand how our customers use cPanel & WHM. We take your privacy very seriously, and you can stop data collection at any time. Find out more about Interface Analytics.

Will you allow Interface Analytics data collection for your account?