shacker23
- Total activity 27
- Last activity
- Member since
- Following 0 users
- Followed by 0 users
- Votes 0
- Subscriptions 5
Activity overview
Latest activity by shacker23-
shacker23 created a post,
Let's Encrypt
I'm really interested in this new Let's Encrypt proposal, which (if I read this correctly) could very well put an end to the hassle of procuring and installing and renewing SSL certs manually.
-
shacker23 commented,
OK, several things to report: - cPanel support *rocks* - thanks Brian and Peter for the assist in getting this all working. - After waiting 24 hours so I could see what the impact on overall traf...
-
shacker23 commented,
Many thanks for the information Brian - very useful. Yes, ticket 5636595 is open, and a tech has done some work on this. I'll follow up with him on that ticket and post the results here when we g...
-
shacker23 commented,
It does. Though, oddly, "On" is not in quotes like it is in the other directives there. Should I quote "On"? # WHM-managed ModSecurity configuration directives SecAuditEngine "On" SecRuleEngine O...
-
shacker23 commented,
Thanks quizknows. My modsec2.conf does say SecDefaultAction "phase:2,deny,log,status:406" but I do not see ModSecurity hits in the apache error_log. If I grep -i security /usr/local/apache/err...
-
shacker23 created a post,
ModSecurity is logging but not blocking (integration with ConfigServer)
I feel like I'm missing something with the new ModSecurity tools. I have a single rule (Malicious Bots) set up, which is logging 10,000+ hits per day. I have both "Connections Engine" and "Rules E...
-
shacker23 commented,
OK, so cpanel's modsecurity logs to /usr/local/apache/logs/modsec_audit.log . In CSF configuration, I set MODSEC_LOG to that path and restarted CSF. So then I tail -f /var/log/lfd.log . I see CSF...
-
shacker23 commented,
Oh! Surely there must be a way to configure ConfigServer to work *with* ModSecurity rather than against it? Any idea how?
-
shacker23 commented,
OK, I misspoke on the traffic reduction - looks like awstats hadn't completed its run when I wrote earlier. I am seeing the massive numbers of log entries in ModSecurity, but I am NOT seeing a huge...
-
shacker23 commented,
I didn't write the rule - it's directly out of the spiderlabs modsec rules manual on github. But yeah - I'm seeing overall traffic cut down on most large customer sites by 50% overnight. No false p...