shacker23

1. Community
2. Security
3. ModSecurity is logging but not blocking (integration with ConfigServer)

OK, several things to report: - cPanel support *rocks* - thanks Brian and Peter for the assist in getting this all working. - After waiting 24 hours so I could see what the impact on overall traf...

• View comment
• shacker23
• October 31, 2014 15:41
• 0 votes

1. Community
2. Security
3. ModSecurity is logging but not blocking (integration with ConfigServer)

Many thanks for the information Brian - very useful. Yes, ticket 5636595 is open, and a tech has done some work on this. I'll follow up with him on that ticket and post the results here when we g...

• View comment
• shacker23
• October 30, 2014 15:45
• 0 votes

1. Community
2. Security
3. ModSecurity is logging but not blocking (integration with ConfigServer)

It does. Though, oddly, "On" is not in quotes like it is in the other directives there. Should I quote "On"? # WHM-managed ModSecurity configuration directives SecAuditEngine "On" SecRuleEngine O...

• View comment
• shacker23
• October 28, 2014 18:06
• 0 votes

1. Community
2. Security
3. ModSecurity is logging but not blocking (integration with ConfigServer)

Thanks quizknows. My modsec2.conf does say SecDefaultAction "phase:2,deny,log,status:406" but I do not see ModSecurity hits in the apache error_log. If I grep -i security /usr/local/apache/err...

• View comment
• shacker23
• October 28, 2014 17:08
• 0 votes

1. Community
2. Web Servers & Applications
3. Unknown robot (identified by 'bot*')

OK, so cpanel's modsecurity logs to /usr/local/apache/logs/modsec_audit.log . In CSF configuration, I set MODSEC_LOG to that path and restarted CSF. So then I tail -f /var/log/lfd.log . I see CSF...

• View comment
• shacker23
• October 26, 2014 16:34
• 0 votes