Here is a very simple script, I have written for my own use to auto update mod_security rules from Atomicorp server. You can use cronjobs to automate the process.
Dont forget to put your Atomicorp subscription username and password in the script.
1 2 3 4 5 6 7 8 9 10 | #!/bin/shUSER=PASS=DIR=/var/cpanelVER=`wget -q --user=$USER --password=$PASS http://updates.atomicorp.com/channels/rules/subscription/VERSION -O - | grep MODSEC_VERSION | sed -r 's/^.{15}//'`FILE_NAME=modsec-$VER.tar.bz2wget -q --user=$USER --password=$PASS http://updates.atomicorp.com/channels/rules/subscription/$FILE_NAME -O - | tar jxf - -C $DIR/etc/init.d/httpd -k graceful |
In this case, the script will install the rules in /var/cpanel/modsec directory and reload the server gracefully.
Apparently you should have the following in your modsec2.user.conf
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | Include "/var/cpanel/modsec/000000_asl_modreqtimeout.conf"Include "/var/cpanel/modsec/00_asl_0_global.conf"Include "/var/cpanel/modsec/00_asl_rbl.conf"Include "/var/cpanel/modsec/00_asl_z_antievasion.conf"Include "/var/cpanel/modsec/00_asl_zz_strict.conf"Include "/var/cpanel/modsec/01_asl_content.conf"Include "/var/cpanel/modsec/01_asl_rules_special.conf"Include "/var/cpanel/modsec/03_asl_dos.conf"Include "/var/cpanel/modsec/05_asl_exclude.conf"Include "/var/cpanel/modsec/05_asl_scanner.conf"Include "/var/cpanel/modsec/09_asl_rules.conf"Include "/var/cpanel/modsec/09_asl_rules_antievasion.conf"Include "/var/cpanel/modsec/10_asl_antimalware.conf"Include "/var/cpanel/modsec/10_asl_antimalware_output.conf"Include "/var/cpanel/modsec/10_asl_rules.conf"Include "/var/cpanel/modsec/11_asl_adv_rules.conf"Include "/var/cpanel/modsec/11_asl_data_loss.conf"Include "/var/cpanel/modsec/11_asl_rules.conf"Include "/var/cpanel/modsec/12_asl_brute.conf"Include "/var/cpanel/modsec/20_asl_useragents.conf"Include "/var/cpanel/modsec/30_asl_antimalware.conf"Include "/var/cpanel/modsec/30_asl_antispam.conf"Include "/var/cpanel/modsec/30_asl_antispam_referrer.conf"Include "/var/cpanel/modsec/31_asl_urispam.conf"Include "/var/cpanel/modsec/40_asl_apache2-rules.conf"Include "/var/cpanel/modsec/50_asl_rootkits.conf"Include "/var/cpanel/modsec/51_asl_rootkits.conf"Include "/var/cpanel/modsec/60_asl_recons.conf"Include "/var/cpanel/modsec/61_asl_recons_dlp.conf"Include "/var/cpanel/modsec/98_asl_adv_redactor.conf"Include "/var/cpanel/modsec/98_asl_jitp.conf"Include "/var/cpanel/modsec/99_asl_a_redactor.conf"Include "/var/cpanel/modsec/99_asl_exclude.conf"Include "/var/cpanel/modsec/99_asl_jitp.conf"Include "/var/cpanel/modsec/99_asl_redactor.conf"Include "/var/cpanel/modsec/99_asl_redactor_post.conf" |