Mod_Security Block Time and CSF

701Hosting

• September 23, 2021 17:03

I have both mod_security and CSF installed. I'm using a CDN that triggers some mod_security rules. I'm curious does mod_security need CSF to block IPs? Because I've whitelisted all the CDNs IP in CSF but it appears they might still be blocked when a mod_security rule is triggered. I'm curious... Can mod_security block traffic without CSF to create a firewall rule?

• 

  quietFinn

  • September 24, 2021 04:19

  ... I'm curious does mod_security need CSF to block IPs? ... Can mod_security block traffic without CSF to create a firewall rule?

  
  AFAIK, yes and no.

  0
• 

  cPRex Jurassic Moderator

  • September 24, 2021 13:17

  ModSecurity itself is a web application firewall, so it specifically is just looking at Apache. CSF includes the LF_MODSEC tool, which can perform firewall blocks as well. So, as @quietFinn said, yes and no are the correct answers to those questions.

  0
• 

  701Hosting

  • September 24, 2021 16:54

  Ok. So does mod_security block traffic on it's own? Or just deny requests to certain files when accesses?

  0
• 

  cPRex Jurassic Moderator

  • September 24, 2021 16:56

  ModSecurity can block specific Apache requests, but not actual traffic.

  0

Please sign in to leave a comment.