fuzzylogic

1. Community
2. Security
3. Use modsecurity / CSF to block all common cms logins?

1). Definitely not a bad idea. These IPs are revealing to us they most likely hacked sites/servers (also likely part of a group of compromised servers with a centralized control) An IP running...

• View comment
• fuzzylogic
• January 06, 2019 12:22
• 0 votes

1. Community
2. Security
3. Fail2ban for Apache Scanner

Your regex is not right. You are using * which does not work as you intend. Use .* to do that. Here is a working version of what you tried to write... failregex = [[]client :.*[]] File does not exi...

• View comment
• fuzzylogic
• December 28, 2018 04:12
• 0 votes

1. Community
2. Security
3. Advice on modsecurity response when rule is hit

I tested this on a domain on a cPanel server with "COMODO ModSecurity Apache Rule Set" as the only rule set enabled. For the first test I appended /?q="> to the https domain name (to avoid .htacce...

• View comment
• fuzzylogic
• December 16, 2018 06:25
• 0 votes

1. Community
2. Security
3. Advice on modsecurity response when rule is hit

To troubleshoot your issues I need to be able to duplicate the problem. Could you please confirm the exact name of the ruleset you are using (copy it and paste it to your reply) Copy it from the Ve...

• View comment
• fuzzylogic
• December 15, 2018 07:11
• 0 votes

1. Community
2. Security
3. Block WordPress wp-login.php attempts with CSF?

Hello @Waqass To diagnose the problem I would need to see... Which (of the 3 posted here) lfd custom regex rules you are using. Sample log lines from one of the access_log files you are monitorin...

• View comment
• fuzzylogic
• May 05, 2019 11:44
• 0 votes

1. Community
2. Security
3. OWASP mod_security breaking Wordpress page save

Hello subtopic, OWASP CRS 3.2 has 29 WordPress exclusion rules in a single .conf file. You can view/get them at this url SpiderLabs/owasp-modsecurity-crs If you choose to use one or more of them I...

• View comment
• fuzzylogic
• September 20, 2018 10:45
• 0 votes

1. Community
2. Security
3. Entries in Log File Questions

The apache access_log lines you posted are evidence that the ip address in your original post requested the whm login page. It is not evidence that they successfully logged in. See the attached scr...

• View comment
• fuzzylogic
• September 18, 2018 06:48
• 0 votes

1. Community
2. Security
3. OWASP V3 error when installing.

That error message is confusing. The response from... /usr/local/cpanel/scripts/modsec_vendor list indicates that "OWASP ModSecurity Core Rule Set V3.0" is already added but not enabled, so to the...

• View comment
• fuzzylogic
• September 09, 2018 05:05
• 0 votes

1. Community
2. Security
3. cPanel's implementation of Mod_Security

[QUOTE]1. If one enables the OWASP ruleset provided by cPanel, how does it affect the default ruleset in the module The Apache module (that is ModSecurity for Apache/2.9.2) is an interpeter for mod...

• View comment
• fuzzylogic
• August 10, 2018 12:35
• 0 votes

1. Community
2. Security
3. Can't Disable Wordpress Plugin Issue

Some things to try so as to log in to cPanel. I will assume you are not the server administrator. I will also assume that the ssl cert for yourdomain.com has expired and that you have been previous...

• View comment
• fuzzylogic
• July 18, 2018 10:51
• 0 votes