sonicthoughts

1. Community
2. Security
3. ModSecurity: Rule processing failed.

This is a VERY SERIOUS ISSUE. Every apache call is hitting the GEOIP db and failing. Server can get to a halt under modest load. Very hard to debug this. YES, am using ruid2. ModSecurity: co...

• View comment
• sonicthoughts
• February 11, 2015 13:53
• 0 votes

1. Community
2. Security
3. OWASP - mod security and wordpress

I feel your pain of the ModSecurity OWASP false positives. It seems to be that especially with WordPress there are a lot of false positives with different plugins (Probably same reason it always g...

• View comment
• sonicthoughts
• July 06, 2015 23:41
• 0 votes

1. Community
2. Security
3. OWASP - mod security and wordpress

]Multiple ModSec related threads merged here. Actually there are several of these floating about. I'm sure there are many more :) While I applaud Cpanal's efforts in improved modsec rule integr...

• View comment
• sonicthoughts
• February 23, 2015 21:32
• 0 votes

1. Community
2. Security
3. OWASP - mod security and wordpress

] However, the deployment of what could have been a source of joy to many users wasn't really thought out well beforehand. Not only that these OWASP Rules didn't work with most of the scripts out t...

• View comment
• sonicthoughts
• February 23, 2015 21:20
• 0 votes

1. Community
2. Security
3. OWASP - mod security and wordpress

]@Brian: Thanks for your response. I look forward to a 'report' feature, since I have a feeling it's going to be used quite heavily when live... Can you tell us more about how the rule updates wil...

• View comment
• sonicthoughts
• February 06, 2015 15:48
• 0 votes

1. Community
2. Security
3. ModSecurity question (in WHM 11.48)

]From 11.46 and forward, there are two files that should never be manually edited or otherwise put customizations within: modsec2.conf modsec2.cpanel.conf Both of those files are "managed" by cPa...

• View comment
• sonicthoughts
• February 06, 2015 16:06
• 0 votes

1. Community
2. cPanel Announcements
3. EasyApache4 Announcement

My wishlist: Modsecurity rules and management that work well / allow for quickly reacting to false positives. ConfigServer Firewall integration / support Ability to use modruid2/moditk with cache +...

• View comment
• sonicthoughts
• February 23, 2015 23:02
• 0 votes

1. Community
2. Security
3. New ModSecurity

I have looked at the documentation for the UI and it seems sparse at best. For example, in the tool, if it shows a triggered rule it asks if I want to enable it. The checkbox appears, but it is n...

• View comment
• sonicthoughts
• November 24, 2014 16:21
• 0 votes

1. Community
2. Miscellaneous
3. My experience, suExec + FastCGI + opcache VS mod_ruid2 + DSO + opcache

I agree that this is great performance, but unfortunately, mod_ruid2 still does not support caching (memcache!) which really kills performance. Hoping CP will address this soon.

• View comment
• sonicthoughts
• October 15, 2015 18:27
• 0 votes

1. Community
2. Security
3. ModSecurity: collection_store: Failed to access DBM file

This is likely related to MUTEX locking and Modesc / GEOIP. Can really slow down the server.

• View comment
• sonicthoughts
• February 11, 2015 17:01
• 0 votes