fuzzylogic
- Total activity 235
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 81
Comments
Recent activity by fuzzylogic-
The cause and the resolution to this problem depend on the mod-security rule set you are using. To determine your ruleset... Go to WHM=>Security Center=>Modsecurity Vendors then post the name of th...
-
I had the same symptoms when mod-security rules blocked requests GET /whm-server-status/ from 127.0.0.1 The Apache Status page uses the GET /whm-server-status/ to get the info. This can be fixed w...
-
I put both rules in CMC's Global Whitelist, but it's not working. I'm having to put them in CMC's per account / per domain whitelists May I suggest that you inadvertently pasted the IDs with a tra...
-
This is a complex situation to troubleshoot. From the first post the modsec_audit.log shows... Producer: ModSecurity for Apache/2.9.0 (http://www.modsecurity.org/); OWASP_CRS/3.0.0; CWAF_Apache. Th...
-
Hey Spork, The .yaml link was moderated (not by me). It is understandable I guess, the .yaml has a link to a .zip of the rules directory located off-site from cpanel.net, so could be considered a s...
-
Here are better versions of the two rules above (more reliable at matching the request filename) # (cPanel old CRS rulset) # Rule to allow cPanel whm-server-status requests with missing mandatory ...
-
Here is a more reliable version of that rule for matching the request file. # Rule to allow cPanel whm-server-status requests with missing mandatory headers. SecRule REMOTE_ADDR "@ipMatch 127.0.0....
-
The OWASP ModSecurity Core Rule Set team have changed the default configuration of the current version of the CRS to run in Collaborative Detection mode. That is the main change to achieve the 90% ...
-
The reason so many people are having so many problems with false positives is because this older version of the CRS that cPanel is using was released (by OWASP then by cPanel) with the configuratio...
-
I can add some detail that may help some people with this problem. I have this problem on all my WordPress sites. I am using EasyApache 4, SuPHP and the WordPress Plugin WordFence's Firewall option...