Array
(
    [0] => Warning
    [1] => Undefined array key "language"
    [2] => /home/whmcsdev/public_repo/wbteampro.major-release/installation/modules/addons/wbteampro/initialize.php
    [3] => 282
)

Array
(
    [0] => Warning
    [1] => Undefined property: stdClass::$state
    [2] => /home/whmcsdev/public_repo/wbavatax.master/installation/modules/addons/wbavatax/hooks.php
    [3] => 942
)

Array
(
    [0] => Deprecated
    [1] => htmlspecialchars(): Passing null to parameter #1 ($string) of type string is deprecated
    [2] => /home/whmcsdev/public_repo/wbavatax.master/installation/modules/addons/wbavatax/hooks.php
    [3] => 279
)
Notes on MOD Security - Knowledgebase - WHMCS Dev

  Categories

Business Consulting
2
Microsoft Windows Environment
15
Search Optimization
2
Software Documentation
37
Web Design & Development
22
Web Site Hosting
38

  Categories

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket
Dev License: This installation of WHMCS is running under a Development License and is not authorized to be used for production use. Please report any cases of abuse to abuse@whmcs.com

Notes on MOD Security Print

  • 7
mod_security, modsec, or ModSecurity as it's called by the maker Atomicorp has been a standard on Apache hosting servers for some time now.  If you are hosting for a wide range of client types you undoubtably have run into a few issues with the strict rules implemented by default with some hosting providers.

Viewing the ModSecurity Log

The Mod Security Log can be found on a typical server here:
/usr/local/apache/logs/error_log

Searching for something specific in the Mod Security log can be an easy GREP request:
grep "yadda yadda" /usr/local/apache/logs/error_log

Whitelisting a server IP for All Rules

The whitelist file is typically first to be included and can be used to dictate that some or all rules be ignored for a website or IP address.

Edit the whitelist file with your favorite editor!
vi /usr/local/apache/conf/modsec/00_asl_whitelist.conf

Commands can be complicated, for example:
SecRule REMOTE_ADDR "^1\.2\.3\.4" "id:12345,phase:2,t:none,pass,nolog,noauditlog,ctl:ruleRemovebyID=7777"

In the above we are whitelisting the IP address 1.2.3.4 for the rule 7777.

Reference the ModSecurity manual for details:
http://www.atomicorp.com/wiki/index.php/Mod_security

Remember to Restart the HTTPD server to effect changes

service httpd restart

Was this answer helpful?

Related Articles

Setting up an SSL Certificate for a Subdomain This article is intended for Web Site Administrators with full control of a dedicated server,... How to Change the "Great Success" Default Apache Welcome Page How do i get rid of the page that says Great Success ! Apache is working on your cPanel® and... Setup your Web Site to run PHP4 On some of our hosting servers, we offer the option to run either PHP Version 5 or PHP Version... How to set HTML files to run PHP Code Sometimes it can be beneficial to include PHP code within your HTML files.  Typically you... Installing SPF Records for Spam Compliance Source: http://www.openspf.org/Introduction The Sender Policy Framework (SPF) is an open...
« Back

Powered by WHMCompleteSolution

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket