ASL Modsecurity, cpanel

[fxs]

Hi,

I have two licenses form atomicorp /ASL .
Last saturday, we migrate one dedicated server from plesk to cpanel .
With cpanel, at the opposite what they said, ASL doesn’t work right out of the box.
We use cent OS and cpanel Detected version '11.40.1.11' .

We have two problems :

1) We cannot get any e-mail from the firewall. We read this post ASL Troubleshooting - Atomicorp Wiki but we were unable to solve the problem. If any customers can share their experience, thanks.

2) As soon as Cpanel was installed, we get one ton of this kind of messages :
(for example)

March 5, 2014 07:50:42 Rule: 30113 - Invalid method in request
Attacker: 5.10.83.13
[client 5.10.83.13] Invalid method in request /x16/x03/x01/x017/x01

Description of the rule:

This event is not caused by ASL. ASL is simply reporting when this occurs with Apache, and ASL neither causes this nor can it change this behavior in apache. Disabling this rule will only cause ASL to not report the event, it wont change apache behavior nor will disabling this prevent apache form rejecting these requests.
This rule reports when Apache has completely rejected a connection from a client, and Apache has determined the method used is Invalid. ASL does not cause this, this is simply a reporting rule, and disabling this rule will not prevent Apache from rejecting these invalid connections.
This rule does not shun the offending IP by default. Please see rule HIDS_30122 which will shun multiple 30113 events from the same IP within a period of time.
Certain DOS attacks use this method to use up all file handles in use on the system.
False Positives
None. This rule simply reports when Apache has rejected the connection because it is using an invalid method.

Staff from cpanel, feel free to give any comments.
Is this a misconfiguration of the dedicated server?
Is this really an attack?

Thanks

 

[cPanelMichael]

Hello

This post might be helpful:

Invalid Method In Request

Thank you.