Possible bug in Mod Security.

speckados

• June 06, 2014 14:24

hi. I don't see version of mos Security on latest RELEASe of WHM/Cpanel. But there a problem with rules added Can't use IP addresses in rules Your using an a buggy version of modsecurity, 2.8.0. 2.8.0 has a known critical bug where it can not use IP addresses in rules as documented at the URL below:

• 

  cPanelMichael

  • June 06, 2014 19:32

  Hello :) This is discussed here: Revert to mod_security 2.7.7 Thank you.

  0
• 

  quizknows

  • June 06, 2014 20:26

  To know the exact version, run; httpd stop ; httpd start
  then check your Apache error_log, it will show the version in use: tail -n 1000 /usr/local/apache/logs/error_log |grep modsec
[Fri Jun 06 16:25:29.001994 2014] [:notice] [pid 17604] ModSecurity for Apache/2.8.0 ([url=http://www.modsecurity.org/]ModSecurity: Open Source Web Application Firewall) configured.
  

  0

Please sign in to leave a comment.