This function adds, updates, and removes global ModSecurity™ configuration directives.
The function modifies these directives in the /usr/local/apache/conf/modsec2.cpanel.conf
file.
Important:
When you disable the Web Server role, the system disables this function.
This function only supports the following ModSecurity™ configuration directives:
setting_id | Documentation |
---|---|
0 | SecAuditEngine |
1 | SecConnEngine |
2 | SecRuleEngine |
3 | SecDisableBackendCompression |
4 | SecGeoLookupDb |
5 | SecGsbLookupDb |
6 | SecGuardianLog |
7 | SecHttpBlKey |
8 | SecPcreMatchLimit |
9 | SecPcreMatchLimitRecursion |
setting_id required | integer [ 0 .. 9 ] The configuration setting's ID. Note: To configure multiple IDs, increment the parameter name. For example, setting_id=setting_id1=1 setting_id2=2 setting_id3=3 setting_id=1 |
required | string or string or string or string or integer The configuration setting's current state.
Some settings accept additional values for this parameter. See the references above for more inforamation. Note:
state=state1=On state2=On state3=Off state=On |
remove | integer Default: 0 Whether to add or remove the configuration setting in the
remove=remove1=0 remove2=1 remove3=0 remove=1 |
object | |
object |
whmapi1 --output=jsonpretty \ modsec_batch_settings \ setting_id='1' \ state='On'
{- "data": {
- "updated_settings": [
- {
- "default": 1500,
- "description": "define the match limit of the PCRE library.",
- "directive": "SecAuditEngine",
- "engine": 1,
- "name": "Audit Log Level",
- "radio_options": [
- {
- "name": "Log all transactions.",
- "option": "On"
}
], - "setting_id": 1,
- "state": "On",
- "type": "radio",
}
]
}, - "metadata": {
- "command": "modsec_batch_settings",
- "reason": "OK",
- "result": 1,
- "version": 1
}
}