Mod_Security Block Time and CSF

701Hosting · Sep 23, 2021

I have both mod_security and CSF installed. I'm using a CDN that triggers some mod_security rules. I'm curious does mod_security need CSF to block IPs? Because I've whitelisted all the CDNs IP in CSF but it appears they might still be blocked when a mod_security rule is triggered. I'm curious... Can mod_security block traffic without CSF to create a firewall rule?

quietFinn · Sep 23, 2021

701Hosting said:
... I'm curious does mod_security need CSF to block IPs?
... Can mod_security block traffic without CSF to create a firewall rule?

AFAIK, yes and no.

cPRex · Sep 24, 2021

ModSecurity itself is a web application firewall, so it specifically is just looking at Apache. CSF includes the LF_MODSEC tool, which can perform firewall blocks as well. So, as @quietFinn said, yes and no are the correct answers to those questions.

701Hosting · Sep 24, 2021

Ok. So does mod_security block traffic on it's own? Or just deny requests to certain files when accesses?

cPRex · Sep 24, 2021

ModSecurity can block specific Apache requests, but not actual traffic.

Thread starter	Similar threads	Forum	Replies	Date
D	prestashop (ecommerce) and mod_security - legitime ip blocked	Security	3	May 9, 2021
C	OWASP mod_security rules not triggering CSF IP block anymore...	Security	12	Feb 9, 2015
C	CSF firewall unwanted blocks lfd: (mod_security) mod_security	Security	2	Jul 7, 2014
S	csf-lfd/mod_security blocked my gateway	Security	6	May 19, 2014
T	csf blocked IP for mod_security login failures	Security	1	Jul 8, 2008

Search

Search

Mod_Security Block Time and CSF

701Hosting

Active Member

quietFinn

Well-Known Member

cPRex

Jurassic Moderator

701Hosting

Active Member

cPRex

Jurassic Moderator