In this article, AZDIGI will help you install ModSecurity on DirectAdmin with CustomBuild 2.0 very simply.
I. What is ModSecurity?
ModSecurity, referred to as Modsec, is an open-source web application firewall.
With more than 70% of all attacks on the internet now being carried out at the web application level, organizations need all the help they can to keep their systems secure.
Many firewalls for web applications are implemented to establish an external layer of security that increases the level of protection, detecting and stopping attacks before they reach web-based software programs.
ModSecurity, Modsec for short, is an open-source web-based firewall (or WAF) application supported by various web servers: Apache, Nginx, and IIS.
II. Install ModSecurity on DirectAdmin with CustomBuild 2.0
To install ModSecurity on DirectAdmin with CustomBuild 2.0, follow these 3 steps.
Step 1: SSH into your DirectAdmin system
To install ModSecurity on DirectAdmin with CustomBuild 2.0, we first need to SSH or access your VPS/server with root privileges. If you don’t know how to SSH into your VPS/Server, you can refer to the following tutorial:
After successfully SSH, we continue with step 2 to check the version of CustomBuild in use.
Step 2: Check the Custombuild version
First, check if your VPS/Server is using CustomBuild 2.0 version. To check the version of CustomBuild you are using, please check out the following short tutorial:
In case your CustomBuild version is lower than 2.0 then you need to upgrade CustomBuild 1.x to 2.0 , you can check out the following tutorial:
After having CustomBuild 2.0, we continue to step 3 to perform the ModSecurity installation commands on DirectAdmin.
Step 3: Install ModSecurity on DirectAdmin with CustomBuild 2.0
ModSecurity on DirectAdmin has 2 sets of principles,
owasp. Since the
comodo rule set performs better than
owasp and produces fewer false positives, let’s use
comodo in the following installation commands.
In addition, the
comodo rule set will also install a plugin where you can manage the rules from DirectAdmin.
cd /usr/local/directadmin/custombuild ./build update ./build set modsecurity yes ./build set modsecurity_ruleset comodo ./build modsecurity ./build modsecurity_rules ./build rewrite_confs
Below is an image of installing ModSecurity on DirectAdmin on my VPS:
At this point, we have successfully installed ModSecurity on DirectAdmin. If you want to configure these rules more, you can continue to step 4.
Step 4: Configure ModSecurity rules
In this step, you need to log in to your DirectAdmin admin page as Admin, you will see the new feature that is
Comodo WAF as shown below:
When accessing this feature, you will be asked which rules to enable and vice versa. Depending on your needs, you can leave or disable some features, but usually, we should leave the default.
The same goes for the next page.
Later, if you want to turn these Rules on/off, go to the Catalog section.
If you want to turn off ModSecurity, go to the Server Manager section and select ModSecurity.
Next, tick SecRuleEngine to Off => select Save.
Hopefully, through this article, you have learned how to install ModSecurity on DirectAdmin and turn off ModSecurity when you want. Having ModSecurity on the system greatly reduces the chances of malware infection as well as attacks targeting your server.
Hope this article will be of help to you. Wishing you success!
See more useful articles about DirectAdmin at the following link:
If you need assistance, you can contact support in the ways below: