The modsec_vendor Script

Valid for versions 82 through the latest version

Version:

82


Last modified: July 15, 2021

Overview

The /usr/local/cpanel/scripts/modsec_vendor script manages the vendors in your server’s ModSecurity® installation. You can also make these changes in WHM’s ModSecurity® Vendors interface (WHM >> Home >> Security Center >> ModSecurity® Vendors).

Run the script

To use the /usr/local/cpanel/scripts/modsec_vendor script, run the following script:

/usr/local/cpanel/scripts/modsec_vendor [arguments]

Arguments

The /usr/local/cpanel/scripts/modsec_vendor script accepts the following arguments:

Argument Description Example
list Lists the currently-installed vendors. /usr/local/cpanel/scripts/modsec_vendor list
add metadata YAML URL Installs a new vendor with the specified metadata, YAML information, and URL. /usr/local/cpanel/scripts/modsec_vendor add http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml
remove vendor_id Removes the vendor with the specified vendor id. /usr/local/cpanel/scripts/modsec_vendor remove OWASP3
update vendor_id

update metadata YAML URL

update --auto
Updates the vendor with the provided information.
Note:
  • If a vendor_id is provided, this command updates the vendor specified by that id from the same URL that was used to install it.
  • If a URL is provided, this command updates an existing vendor from the specified URL.
  • The URL need not be the same as the one used to originally install the vendor.
  • If --auto is specified, updates all installed vendors for which auto-update is enabled using the URLs from which they were originally installed.
/usr/local/cpanel/scripts/modsec_vendor update OWASP3

/usr/local/cpanel/scripts/modsec_vendor update http://httpupdate.cpanel.net/modsecurity-rules/meta_OWASP3.yaml

/usr/local/cpanel/scripts/modsec_vendor update --auto
enable vendor_id Enables a vendor. /usr/local/cpanel/scripts/modsec_vendor enable OWASP3
disable vendor_id Disables a vendor. /usr/local/cpanel/scripts/modsec_vendor disable OWASP3
enable-updates vendor_id Enables automatic updates for a vendor. /usr/local/cpanel/scripts/modsec_vendor enable_updates OWASP3
disable-updates vendor_id Disables automatic updates for a vendor. /usr/local/cpanel/scripts/modsec_vendor disable-updates OWASP3
enable-configs vendor_id Enables all configs for a vendor. /usr/local/cpanel/scripts/modsec_vendor enable-configs OWASP3
disable-configs vendor_id Disables all configs for a vendor. /usr/local/cpanel/scripts/modsec_vendor disable-configs OWASP3

Additional Documentation