I have seen lots of bots accessing my websites on my VPS. For now i just block IPs temporarily using CSF, but i would like to have a better and global solution.
So, i'm thinking in 2 options...
Apache Configuration -> Include Editor -> “Pre Main Include”
I have a few questions on mod_security that puzzle me, so I thought I would ask for some help here to try and clarify them:
I have mod_security enabled at the server level and have the OWASP ModSecurity Core Rule Set enabled, with all the 22 rules active. Rules engine is set to be processed...
Anybody have experience getting mod_sec to play nicely with http-guardian? There is a box in mod_sec configuration in which a user enters their path to http-guarding, which I've done. However, the instructions in the package are a bit confusing. It says you need to activate or install...
Have some questions about ModSecurity Configuration.
In WHM -> Security Center » ModSecurity Configuration » Configure Global Directives, how do I:
1. Install geolocation database
2. Install Google save browsing database
3. Implement Project Honeypot.
Are there any instructions...
So, this error is a bit weird. First, just to be clear, "/var/cpanel/secdatadir/ip" is not a file. So, if you go looking for it, you will not find it. There is a directory "/var/cpanel/secdatadir/"
The solution appears to be to remove mod_ruid2 or disable every IP rule in mod_security.
I want to block traffic from India and Pakistan. On my WHM I have enabled mod_security. I've followed this article:
Blocking visitors from certain countries
Download the latest MaxMind GeoLite2 Country database in legacy format (the binary gzip one).
Unzip the file, and upload it to your...
We have added mod_sec rules in the past using whm > modsecurity tools > add rule with no issues.
We want to add the following, but got an error when trying to publish:
# Block POST requests by bots accessing wpad
# Whitelist file too just in case.
SecRule REQUEST_URI "wpad"...
I have ModSecurity installed with SecResponseBodyLimit at the default 512kb limit and SecResponseBodyLimitAction default 'block' setting.
My question is as follows, in todays media rich web sites, is 512kb still reasonable? I have some customers running Wordpress that are hitting this...
I'm forced to create a new thread because this forum disallows replying to threads after 1 year (what a strange rule!).
This problem still exists after many years:
Mod_Security DBM Question
ModSecurity: Rule processing failed.
cPanel confirmed - Modsecurity incompatibility...
Usually use a tip on htaccess for stop badbots for some sites.
But in last times, too many sites has same problem: too many bad boots with high traffic.
What is best method for put on httpd.conf or for global sites ?
# Block Bad Bots & Scrapers
SetEnvIfNoCase User-Agent "MJ12bot" bad_bot...
Hey! how are you guys! I was just wondering if there is any specific reason why ModSecurity rules comes uninstalled on all cpanel servers... did you have any kind of issue after enabling it? wordpress/joomla are fully compatible? its a must to have it enabled/installed or there is no big...
Since few days, there have been multiple downtimes due to no idle worker left for Apache
Current Max Workers are 150 which worked fine before
150 requests currently being processed, 0 idle workers
I am using Standard Mod_sec rules provided via cPanel (OWSAPv3) and after the recent update (I didn't for last few version) all my sites (based on WP) using any language other than English are having issue. I have identified these rules
They seem to think...
I have noticed that mode security detects MSSQL code execution and looking for basic SQL injection.
If I confirm rule, how I know this will not prevent web application to work like cookies or it will happen any usability issue?
I see a whole list of rules under /etc/apache2/conf.d/imh-modsec.
These rules can be processed as i have found out. I tried searching but i can't find out where these rules are from. Any information would be great. Do i need them, should i use these in conjunction with the cpanel rules...
we have migrate our server from EA3 to EA4 yesterday and we have a lot of problems with this new configuration
this an example of the content of /usr/local/apache/logs/error_log
[Wed Dec 06 21:34:17.906608 2017] [:error] [pid 18548:tid 139670904047360] [client xxx.xxx.xx.xx:xxxxx]...
I've been using the Atomic Rules for Mod Security for years on cPanel with Easy Apache 3.
What's the consensus about Atomic on EA4? The documentation at Atomic is so confusing, the price has doubled (from $99 to $199), their aum installer doesn't seem to work for me on CentOS7, and I'm not...