This document describes how to create a custom ModSecurity™ vendor. To install ModSecurity rules, read our ModSecurity Tools documentation.
WHM's ModSecurity™ Vendors interface (WHM >> Home >> Security Center >> ModSecurity™ Vendors) provides the ability to install third-party ModSecurity rules as a vendor.
How to create the vendor metadata file
Each vendor requires a metadata file that provides the information for the WHM API to identify its rules and where to download them. This file allows the WHM API to accept a single URL that contains all information necessary to install a new vendor rule set.
- The metadata file uses the YAML format.
- The filename must use the
meta_prefix and the
.yamlfile extension, and must match you vendor's unique short name (
- You must ensure that the file is available for the system to download file over a secure (HTTPS) connection.
A vendor's metadata file contains the following attributes:
A hash that contains the information that identifies the archive.
|This hash includes the |
The download's MD5 checksum.
The MD5 attribute is required for compatibility with cPanel & WHM version 11.48 and earlier.
Click to view...
The SHA512 checksum of the download.
The SHA512 attribute is required for compatibility with cPanel & WHM version 11.50 and later.
Click to view...
The distribution's unique identifier.
The URL to the archive that contains the rules.
A hash of vendor identity information
|This hash contains the |
The description of the vendor rule set.
The vendor's name.
The URL of the vendor's website.
The URL to a Report Receiver API endpoint.
For more information, read our How to Create a Report Receiver API for the ModSecurity Rule Reports documentation.
WHM API 1's
modsec_add_vendor function accepts a single URL that contains all of the necessary information to install a new vendor rule set.
Create the vendor rule set package
For information on how to create your own ModSecurity rules, read the ModSecurity Reference Manual.
When you create the vendor rule set package, the package must meet the following requirements of WHM's ModSecurity API:
- The rule set package must exist as a
The rule set package must unzip as a directory. The name directory must match your vendor's vendor_id short name.
For more information about the
vendor_idparameter, read our WHM API 1 modsec_add_vendor function documentation.
Create the rule set package
To create the vender's rule set package, run the following commands as the
The output from these commands will resemble the following example:
Identify your rule set package's MD5 checksum
To identify the
.zip file's MD5 checksum, run the following command:
There is no content with the specified labels