Here is a very simple script, I have written for my own use to auto update mod_security rules from Atomicorp server. You can use cronjobs to automate the process.
Dont forget to put your Atomicorp subscription username and password in the script.
1 2 3 4 5 6 7 8 9 10 | #!/bin/sh USER= PASS= DIR= /var/cpanel VER=`wget -q --user=$USER --password=$PASS http: //updates .atomicorp.com /channels/rules/subscription/VERSION -O - | grep MODSEC_VERSION | sed -r 's/^.{15}//' ` FILE_NAME=modsec-$VER. tar .bz2 wget -q --user=$USER --password=$PASS http: //updates .atomicorp.com /channels/rules/subscription/ $FILE_NAME -O - | tar jxf - -C $DIR /etc/init .d /httpd -k graceful |
In this case, the script will install the rules in /var/cpanel/modsec directory and reload the server gracefully.
Apparently you should have the following in your modsec2.user.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | Include "/var/cpanel/modsec/000000_asl_modreqtimeout.conf" Include "/var/cpanel/modsec/00_asl_0_global.conf" Include "/var/cpanel/modsec/00_asl_rbl.conf" Include "/var/cpanel/modsec/00_asl_z_antievasion.conf" Include "/var/cpanel/modsec/00_asl_zz_strict.conf" Include "/var/cpanel/modsec/01_asl_content.conf" Include "/var/cpanel/modsec/01_asl_rules_special.conf" Include "/var/cpanel/modsec/03_asl_dos.conf" Include "/var/cpanel/modsec/05_asl_exclude.conf" Include "/var/cpanel/modsec/05_asl_scanner.conf" Include "/var/cpanel/modsec/09_asl_rules.conf" Include "/var/cpanel/modsec/09_asl_rules_antievasion.conf" Include "/var/cpanel/modsec/10_asl_antimalware.conf" Include "/var/cpanel/modsec/10_asl_antimalware_output.conf" Include "/var/cpanel/modsec/10_asl_rules.conf" Include "/var/cpanel/modsec/11_asl_adv_rules.conf" Include "/var/cpanel/modsec/11_asl_data_loss.conf" Include "/var/cpanel/modsec/11_asl_rules.conf" Include "/var/cpanel/modsec/12_asl_brute.conf" Include "/var/cpanel/modsec/20_asl_useragents.conf" Include "/var/cpanel/modsec/30_asl_antimalware.conf" Include "/var/cpanel/modsec/30_asl_antispam.conf" Include "/var/cpanel/modsec/30_asl_antispam_referrer.conf" Include "/var/cpanel/modsec/31_asl_urispam.conf" Include "/var/cpanel/modsec/40_asl_apache2-rules.conf" Include "/var/cpanel/modsec/50_asl_rootkits.conf" Include "/var/cpanel/modsec/51_asl_rootkits.conf" Include "/var/cpanel/modsec/60_asl_recons.conf" Include "/var/cpanel/modsec/61_asl_recons_dlp.conf" Include "/var/cpanel/modsec/98_asl_adv_redactor.conf" Include "/var/cpanel/modsec/98_asl_jitp.conf" Include "/var/cpanel/modsec/99_asl_a_redactor.conf" Include "/var/cpanel/modsec/99_asl_exclude.conf" Include "/var/cpanel/modsec/99_asl_jitp.conf" Include "/var/cpanel/modsec/99_asl_redactor.conf" Include "/var/cpanel/modsec/99_asl_redactor_post.conf" |