modsecurity

  1. N

    SOLVED Blocking bad bots

    Hi! I have seen lots of bots accessing my websites on my VPS. For now i just block IPs temporarily using CSF, but i would like to have a better and global solution. So, i'm thinking in 2 options... first: Apache Configuration -> Include Editor -> “Pre Main Include” <Directory "/home">...
  2. M

    Mod Security cPanel Feature Missing

    Failed to receive status information from Apache. Unable to connect to local httpd server.
  3. M

    Questions about enabling mod_security

    I have a few questions on mod_security that puzzle me, so I thought I would ask for some help here to try and clarify them: I have mod_security enabled at the server level and have the OWASP ModSecurity Core Rule Set enabled, with all the 22 rules active. Rules engine is set to be processed...
  4. U

    SOLVED SQlite mod_security corrupt

    I am experimentig and issue with SQLite of mod_security. Here is my log: [ as root /scripts/purge_modsec_log: Any help? Thanks
  5. J

    mod_sec with httpd-guardian

    Anybody have experience getting mod_sec to play nicely with http-guardian? There is a box in mod_sec configuration in which a user enters their path to http-guarding, which I've done. However, the instructions in the package are a bit confusing. It says you need to activate or install...
  6. C

    ModSecurity Configuration

    Hello folks, Have some questions about ModSecurity Configuration. In WHM -> Security Center » ModSecurity Configuration » Configure Global Directives, how do I: 1. Install geolocation database 2. Install Google save browsing database 3. Implement Project Honeypot. Are there any instructions...
  7. Serra

    ModSecuirty "/var/cpanel/secdatadir/ip"

    So, this error is a bit weird. First, just to be clear, "/var/cpanel/secdatadir/ip" is not a file. So, if you go looking for it, you will not find it. There is a directory "/var/cpanel/secdatadir/" The solution appears to be to remove mod_ruid2 or disable every IP rule in mod_security. An...
  8. D

    Mod_security geoip rule doesn't work

    I want to block traffic from India and Pakistan. On my WHM I have enabled mod_security. I've followed this article: Blocking visitors from certain countries Download the latest MaxMind GeoLite2 Country database in legacy format (the binary gzip one). Unzip the file, and upload it to your...
  9. J

    Can't publish new custom mod_sec rule

    We have added mod_sec rules in the past using whm > modsecurity tools > add rule with no issues. We want to add the following, but got an error when trying to publish: rule # Block POST requests by bots accessing wpad # Whitelist file too just in case. SecRule REQUEST_URI "wpad"...
  10. O

    ModSecurity SecResponseBodyLimit & SecResponseBodyLimitAction

    Hi Guys, I have ModSecurity installed with SecResponseBodyLimit at the default 512kb limit and SecResponseBodyLimitAction default 'block' setting. My question is as follows, in todays media rich web sites, is 512kb still reasonable? I have some customers running Wordpress that are hitting this...
  11. feldon27

    Mod_Security DBM Question in 2018

    I'm forced to create a new thread because this forum disallows replying to threads after 1 year (what a strange rule!). This problem still exists after many years: Change secdatadir Mod_Security DBM Question ModSecurity: Rule processing failed. cPanel confirmed - Modsecurity incompatibility...
  12. speckados

    Globally stop bad bots in Apache

    Usually use a tip on htaccess for stop badbots for some sites. But in last times, too many sites has same problem: too many bad boots with high traffic. What is best method for put on httpd.conf or for global sites ? # Block Bad Bots & Scrapers SetEnvIfNoCase User-Agent "MJ12bot" bad_bot...
  13. ::Gomez::

    Why are modsecurity rules not installed by default?

    Hey! how are you guys! I was just wondering if there is any specific reason why ModSecurity rules comes uninstalled on all cpanel servers... did you have any kind of issue after enabling it? wordpress/joomla are fully compatible? its a must to have it enabled/installed or there is no big...
  14. C

    Apache Full of Reading Request | 0 idle workers

    Hello, Since few days, there have been multiple downtimes due to no idle worker left for Apache Current Max Workers are 150 which worked fine before 150 requests currently being processed, 0 idle workers RRRRRRRRRRRRRRRRWKRRRRRRRRRRRRKRRKRKRKRRRRRRRRRRRRWRRRRRRKRRRRRR...
  15. U

    ModSecurity Rules and Alt Languages

    Hello, I am using Standard Mod_sec rules provided via cPanel (OWSAPv3) and after the recent update (I didn't for last few version) all my sites (based on WP) using any language other than English are having issue. I have identified these rules 942100 949110 980130 941160 They seem to think...
  16. T

    ModSecurity and additional rules

    I have noticed that mode security detects MSSQL code execution and looking for basic SQL injection. If I confirm rule, how I know this will not prevent web application to work like cookies or it will happen any usability issue?
  17. T

    What are imh-modsec rules?

    I see a whole list of rules under /etc/apache2/conf.d/imh-modsec. These rules can be processed as i have found out. I tried searching but i can't find out where these rules are from. Any information would be great. Do i need them, should i use these in conjunction with the cpanel rules...
  18. F

    ModSecurity: Rule processing failed

    Hi all, we have migrate our server from EA3 to EA4 yesterday and we have a lot of problems with this new configuration this an example of the content of /usr/local/apache/logs/error_log [Wed Dec 06 21:34:17.906608 2017] [:error] [pid 18548:tid 139670904047360] [client xxx.xxx.xx.xx:xxxxx]...
  19. jimlongo

    Atomic Rules with EA4

    I've been using the Atomic Rules for Mod Security for years on cPanel with Easy Apache 3. What's the consensus about Atomic on EA4? The documentation at Atomic is so confusing, the price has doubled (from $99 to $199), their aum installer doesn't seem to work for me on CentOS7, and I'm not...
  20. J

    path log of ModSecurity Tools

    hi Whats is path log of option HOME -> Security Center -> ModSecurity Tools view : i.imgur.com/vACoeY3.gif where is the log stored, of this report?