Command line tools

We just updated to rules Version 1.118.
That did enable a couple of categories that we didn’t have active before and therefore causing a lot of false positives!

Is there any easy command in ssh to disable these categories:
HTTP HTTP-Related Protection
Outgoing Preventing Information Reveal
PHP PHP Protection
ROR Ruby On Rails protection
SQL SQL Protection
XSS Cross Site Scripting

We only have Apps, Bruteforce and Global category active because of all the false positives on the other categories.


# /var/cpanel/cwaf/scripts/cwaf-cli.pl 
Usage: /var/cpanel/cwaf/scripts/cwaf-cli.pl [arguments]

Arguments:
-h, --help         - this help message
-g, --loglevel     - set loglevel (1 - 10)
-v, --version      - show client version
-l, --domain_list  - show list of domains
-f, --force_domain - apply domain even if it not found

 Exclude rules:
  -d, --domain - set domain for exclude operation (global exclude list if not specified)
  -xa,  --exclude_add [rule_ID1 rule_ID2...]  - add rules to exclude list
  -xac, --exclude_add_cat [cat1 cat2...]      - add categories to exclude list
  -xag, --exclude_add_grp [grp1 grp2...]      - add groups to exclude list
  -xd,  --exclude_del [rule_ID1 rule_ID2...]  - remove rules from exclude list
  -xdc, --exclude_del_cat [cat1 cat2...]      - remove categories from exclude list
  -xdg, --exclude_del_grp [grp1 grp2...]      - remove groups from exclude list
  -xl,  --exclude_list                        - show list of excluded rules
  -xlx, --exclude_list_extended               - show structured list of excluded rules
  -lc,  --list_cat                            - show list of categories
  -lg,  --list_grp                            - show list of groups

 Disable/enable mod_security for domains:
  -dd,  --disable_domain [domain1 domain2...] - disable mod_security for domains
  -de,  --enable_domain [domain1 domain2...]  - enable mod_security for domains
  -dl,  --disabled_list                       - show list of disabled domains



-lc, --list_cat - show list of categories
-xac, --exclude_add_cat [cat1 cat2…] - add categories to exclude list
will help you to fix this issue.

Also, please, check /var/cpanel/cwaf/etc/httpd/global/zzz_exclude_global.conf.