Edit file:
[root@cpanel]# nano -w /etc/apache2/conf.d/modsec/modsec2.user.conf
Syntax
SecRemoteRules SerialKey https://rules.malware.expert/download.php?rules=generic
And replace SerialKey with your subscription serial key!
modsec2.user.conf
### Malware.Expert - ModSecurity rules ## CPanel configuration # SecComponentSignature "ME WAF" SecResponseBodyAccess Off SecDefaultAction "phase:1,deny,log,status:406" SecDefaultAction "phase:2,deny,log,status:406" SecRemoteRulesFailAction Warn SecUploadDir /tmp SecTmpDir /tmp SecUploadFileMode 0644 # Needed to Clamav scan SecTmpSaveUploadedFiles on SecRequestBodyAccess On # If ClamAV Installed #SecRule FILES_TMPNAMES "@inspectFile /usr/local/bin/runav.pl" \ #"phase:2,t:none,block,msg:'Virus found in uploaded file',id:'399999'" SecRemoteRules SerialKey https://rules.malware.expert/download.php?rules=generic
Restart apache to load rules!