DirectAdmin ModSecurity Configuration

This is the default DirectAdmin ModSecurity configuration for Apache that we use in our Linux environment.

These settings may not suit your server; the right values depend on the OS and other factors.

Example DirectAdmin ModSecurity configuration for Apache 2.4.x, mod_ruid2 and PHP 5.6:

# /etc/httpd/conf/extra/httpd-modsecurity.conf
<ifmodule mod_security2.c>
# Default recommended configuration
SecRuleEngine On
SecRequestBodyAccess On
SecDefaultAction "phase:2,deny,log,status:406"
SecRequestBodyLimitAction ProcessPartial
SecResponseBodyLimitAction ProcessPartial

SecPcreMatchLimit 250000
SecPcreMatchLimitRecursion 250000

SecCollectionTimeout 600

SecDebugLog /var/log/httpd/modsec_debug.log
SecDebugLogLevel 0
SecAuditEngine RelevantOnly

SecAuditLogType Concurrent
SecAuditLogStorageDir /var/log/modsec_audit

SecAuditLog /var/log/httpd/modsec_audit.log
SecUploadDir /tmp
SecTmpDir /tmp
SecDataDir /tmp
SecUploadFileMode 0644

# Needed for ClamAV scanning
SecTmpSaveUploadedFiles on

# ModSecurity Core Rule Set and local configuration
IncludeOptional /etc/modsecurity.d/*.conf.main
IncludeOptional /etc/modsecurity.d/*.conf
</ifmodule>
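
Three settings in the listing above are worth a review before reuse: ProcessPartial while the rule engine is blocking, /tmp as the upload, temp and data directory, and an upload file mode wider than 0600. The script below is an added example, not part of the DirectAdmin defaults; the function names and finding labels are made up here, and the sample input is constructed from the listing.

```shell
#!/bin/sh
# Added example: flag settings from the listing above that deserve a review.
# Finding labels (PARTIAL-BODY, SHARED-DIR, UPLOAD-MODE) are made up for this sketch.

# Reads a ModSecurity config from the file argument, or from stdin if none is given.
audit_modsec_conf() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }                 # skip comments and blank lines
    { gsub(/"/, "", $2); val[tolower($1)] = $2 }   # directive names are case-insensitive
    END {
        # Blocking mode plus ProcessPartial: body bytes past the limit are not inspected.
        if (tolower(val["secruleengine"]) == "on" &&
            tolower(val["secrequestbodylimitaction"]) == "processpartial")
            print "PARTIAL-BODY SecRequestBodyLimitAction ProcessPartial with SecRuleEngine On"
        # Uploads, temp files or persistent collections in a world-writable shared directory.
        n = split("secuploaddir sectmpdir secdatadir", dirs, " ")
        for (i = 1; i <= n; i++)
            if (val[dirs[i]] ~ /^\/(var\/)?tmp\/?$/)
                print "SHARED-DIR " dirs[i] " " val[dirs[i]]
        # Any group/other permission bit on stored uploads (ModSecurity default is 0600).
        m = val["secuploadfilemode"]
        if (m != "" && substr(m, length(m) - 1) != "00")
            print "UPLOAD-MODE SecUploadFileMode " m
    }' "$@"
}

# Constructed sample: the security-relevant lines of the listing above.
sample_conf() {
    cat <<'EOF'
SecRuleEngine On
SecRequestBodyLimitAction ProcessPartial
SecUploadDir /tmp
SecTmpDir /tmp
SecDataDir /tmp
SecUploadFileMode 0644
EOF
}

sample_conf | audit_modsec_conf
```

On a server, pass the config path as the argument, for example /etc/httpd/conf/extra/httpd-modsecurity.conf. A finding is a prompt to review rather than an error: a file mode wider than 0600 may be what lets a separate scanner account read the uploads.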