As to help our VPS and Dedicated Server customers who might also be effected by this we have designed the following guide to make installing Atmoic Mod Security into cPanel with little to no fuss.
Stage 1: Run the following commands at command line:
chown nobody.nobody /var/asl/data/msa
chown nobody.nobody /var/asl/data/audit
chown nobody.nobody /var/asl/data/suspicious
chmod o-rx -R /var/asl/data/*
chmod ug+rwx -R /var/asl/data/*
tar zxvf modsec-2.7-free-latest.tar.gz
cp modsec/* /usr/local/apache/conf/modsec_rules/
These command will create the required directory’s and download the latest free version of the Atomic Mod Security rules. It will also directly install them into the location of Apache designed for cPanel and configure the permission.
Stage 2: Configure cPanel to use the Mod Security Rules
In this stage, you can do everything from WHM as long as you have Mod Security already installed as part of your EasyApache build. If you do not, you will need to rebuild apache with Mod Security.
In go to: WHM -> Plugins -> Mod Security and then click: Edit Config
In this section, delete all the current content and then paste in the following configuration:
SecResponseBodyMimeType (null) text/html text/plain text/xml
Save this and restart Apache.
This should now have successfully installed the Atomic mod security rules into cPanel which are a much more secure rule base and include extra protection which is important for the latest hacks.