Configure ModSecurity Rules per user account and a way to allow users to see its ModSecurity logs
in cPanel, the end user can only enable or disable ModSecurity for their domains, sometimes some ModSecurity rules does not work for all users and users sometimes need to adjust or create its own rules.
A cPanel UI option to disable specific rules and to create its own rules per domain its a must, also the ability to see its own hits/logs/transactions per domain so the user can identify what rule its causing problems with a domain so he can disable or adjust it.
Also the ability to install or add a Vendor per cPanel account, this open a new market to us (as a hosting provider) because we can sell rules through vendors and the user can buy them through its cPanel account.
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
From a security perspective, seeing relevant logs and disabling rule IDs should be pretty easy and safe. However, I would probably not let individual users add ModSecurity rules at least not without significant consideration. It may be possible to interfere with other domains traffic, filter or modify data Apache is sending outbound, etc., depending how that is done. Also an incorrect rule syntax can stop Apache from starting (obviously that would have to be checked before restarting Apache) but quite frankly that's a smaller concern in my opinion.
Anyway, IMO an interface in each cPanel account to see hits for the domain(s) and to be able to whitelist rule ID's per domain should be relatively easy to do both well and securely.
From a security perspective, seeing relevant logs and disabling rule IDs should be pretty easy and safe. However, I would probably not let individual users add ModSecurity rules at least not without significant consideration. It may be possible to interfere with other domains traffic, filter or modify data Apache is sending outbound, etc., depending how that is done. Also an incorrect rule syntax can stop Apache from starting (obviously that would have to be checked before restarting Apache) but quite frankly that's a smaller concern in my opinion.
Anyway, IMO an interface in each cPanel account to see hits for the domain(s) and to be able to whitelist rule ID's per domain should be relatively easy to do both well and securely.
Replies have been locked on this page!