ConfigServer ModSecurity Control

This is an original and free add-on product for cPanel/WHM. The product provides you with an interface to the cPanel mod_security implementation from within WHM.


  • Disable mod_security rules that have unique ID numbers on a globalper cPanel user or per hosted domain level
  • Disable mod_security entirely, also on a global, per cPanel user or per hosted domain level
  • Edit files containing mod_security configuration settings in /usr/local/apache/conf
  • View the latest mod_security log entries

Product Requirements

  • cPanel/WHM
  • Apache v2+
  • mod_security v2.5+ installed via Easyapache
  • A set of mod_security rules each of which uses a unique ID

This utility uses concepts explained in this section of the cPanel documentation.


The latest version of cmc can be downloaded here: cmc.tgz

The latest SHA256 checksums of all our products can be downloaded here: checksums.txt



Please visit our ConfigServer Community Forum for support for our free products.


This application is released under our script license. It is released free of charge, with no warranty to its suitability. There is no support provided with this application except through our online community forums.

If you don’t feel confident doing any of this yourself, or if you would like a comprehensive security service for your server, we do have cPanel Server Services that include the installation and configuration of this application.


We are taking a break for the Christmas holiday and will close the store, helpdesk and email from 17:00 GMT on Friday, 22nd December 2023, until 09:00 on Tuesday, 02 January 2024. If you purchase a license or Service Package before the closing date and require installation, please be sure to leave at least 24-48 hours before we close for the work to be done. Otherwise, any work will be scheduled for after this period. We wish all of you a very happy winter holiday season!