The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CSF firewall unwanted blocks lfd: (mod_security) mod_security

Discussion in 'Security' started by crazyaboutlinux, Jul 7, 2014.

  1. crazyaboutlinux

    crazyaboutlinux Well-Known Member

    Joined:
    Nov 3, 2007
    Messages:
    938
    Likes Received:
    0
    Trophy Points:
    16
    Hi,

    115.240.6.83 # lfd: (mod_security) mod_security (id:950004) triggered by 115.240.6.83 (IN/India/Maharashtra/Mumbai/-): 5 in the last 300 secs - Mon Jul 7 16:25:26 2014


    What is this block, why our client's IP is frequently blocked in CSF firewall for the above reason ??

    And Finally what is the solution how to get rid of it, As client and we both are tired for this really.

    Regards,
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,453
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You'd need to look at your logs to find out why this one is being tripped by your user.

    You might find this useful for permitting some rules to be bypassed for a specific domain:
    ConfigServer ModSecurity Control
     
  3. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    940
    Likes Received:
    55
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    You can use configserver modsec control to whitelist 950004 for that domain. This is far preferable to disabling ModSecurity entirely.
     
Loading...

Share This Page