The modsec_vendor Script

Valid for versions 82 through the latest version

Version:

82

Last modified: July 15, 2021

Overview

The /usr/local/cpanel/scripts/modsec_vendor script manages the vendors in your server’s ModSecurity® installation. You can also make these changes in WHM’s ModSecurity® Vendors interface (WHM » Home » Security Center » ModSecurity® Vendors).

Run the script

To use the /usr/local/cpanel/scripts/modsec_vendor script, run the following script:

/usr/local/cpanel/scripts/modsec_vendor [arguments]

Arguments

The /usr/local/cpanel/scripts/modsec_vendor script accepts the following arguments:

Argument	Description	Example
`list`	Lists the currently-installed vendors.	`/usr/local/cpanel/scripts/modsec_vendor list`
`add metadata YAML URL`	Installs a new vendor with the specified metadata, YAML information, and URL.	`/usr/local/cpanel/scripts/modsec_vendor add http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml`
`remove vendor_id`	Removes the vendor with the specified vendor id.	`/usr/local/cpanel/scripts/modsec_vendor remove OWASP3`
`update vendor_id` `update metadata YAML URL` `update --auto`	Updates the vendor with the provided information. Note: If a `vendor_id` is provided, this command updates the vendor specified by that id from the same URL that was used to install it. If a URL is provided, this command updates an existing vendor from the specified URL. The URL need not be the same as the one used to originally install the vendor. If `--auto` is specified, updates all installed vendors for which auto-update is enabled using the URLs from which they were originally installed.	`/usr/local/cpanel/scripts/modsec_vendor update OWASP3` `/usr/local/cpanel/scripts/modsec_vendor update http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml` `/usr/local/cpanel/scripts/modsec_vendor update --auto`
`enable vendor_id`	Enables a vendor.	`/usr/local/cpanel/scripts/modsec_vendor enable OWASP3`
`disable vendor_id`	Disables a vendor.	`/usr/local/cpanel/scripts/modsec_vendor disable OWASP3`
`enable-updates vendor_id`	Enables automatic updates for a vendor.	`/usr/local/cpanel/scripts/modsec_vendor enable_updates OWASP3`
`disable-updates vendor_id`	Disables automatic updates for a vendor.	`/usr/local/cpanel/scripts/modsec_vendor disable-updates OWASP3`
`enable-configs vendor_id`	Enables all configs for a vendor.	`/usr/local/cpanel/scripts/modsec_vendor enable-configs OWASP3`
`disable-configs vendor_id`	Disables all configs for a vendor.	`/usr/local/cpanel/scripts/modsec_vendor disable-configs OWASP3`