I have already finished the testing time of my ModSec Rules AutoUpdater for CPanel.
You can download the script at www.puntapirata.com
, here are a few details about it:
HOW TO USE IT:
1. Download GotRoot rules from www.Got
Root.com or from the payed site and save it in your /tmp file.
2. Save the script in its own folder and make the script executable (chmod u+x)
3. At running time the script will ask you for the file version, nothing else, then it will do eveything automatically for you.
So, for example, if the rule file is called modsec-201001121214.tar.gz, you will have to write "201001121214".
The script will test Apache to check everything was fine, if it is, you could restart apache from there or do it later manually.
4. Read any text inside the file for any last minute update or config tips.
The script will save a backup with your actual rules before it does the update, if Apache gives any error, you can manually restore everything on its place.
How the script works:
1. The script checks that the rule file is already saved on the /tmp directory.
2. It unpacks everything in a temporary folder.
3. Modifies some rules to be 100% compatible with CPanel.
4. Saves the actual rules in a directory, just in case needed to do a manual restore.
5. Replaces all the modsec_rule files with the new ones.
6. Checks that Apache runs with the new rules.
7. Deletes all the temporary files used.
8. The script ends.
The use of this script is at your own risk and we don't assume any responsability.
To use the script, you need to download it from my web site www.PuntaPirata.com
, if you have any comments, please use this thread.
Hope you save a lot of time as I have done with it.