ConfigServer Services
Server Management Services from Way to The Web Ltd

ConfigServer ModSecurity Control (cmc)

This is an original and free add-on product for cPanel/WHM. The product provides you with an interface to the cPanel mod_security implementation from within WHM.

With ConfigServer ModSecurity Control you can:

  • Disable mod_security rules that have unique ID numbers on a global, per cPanel user or per hosted domain level
  • Disable mod_security entirely, also on a global, per cPanel user or per hosted domain level
  • Edit files containing mod_security configuration settings in /usr/local/apache/conf
  • View the latest mod_security log entries


  • Apache v2+
  • mod_security v2.5+ installed via Easyapache
  • A set of mod_security rules each of which uses a unique ID

A recommended selection of rules can be obtained from ModSecurity Core Rule Set Project and Got Root. Care should be exercised with these rulesets as they can increase server resource usage by Apache child processes significantly.

This utility uses concepts explained in this section of the cPanel documentation.


The latest version of cmc can be downloaded here: cmc.tgz


ConfigServer ModSecurity Control Page  


Please visit our ConfigServer Scripts Forum


This application is released under our script license. It is released free of charge, with no warranty to its suitability. There is no support provided with this application except through our online help forums.

If you don't feel confident doing any of this yourself, or if you get into a horrible mess, we do have cPanel Server Services that include the installation and configuration of this application.