Login
Register
Home
Wiki Knowledge Base
FreeDNS
Facebook
Linux Support
Control Web Panel
MENU
Home
Help
Search
Login
Register
Control Web Panel
»
Security
»
CSF Firewall
»
CSF & Modsec
« previous
next »
Print
Pages: [
1
]
Author
Topic: CSF & Modsec (Read 117 times)
0 Members and 1 Guest are viewing this topic.
Bossmanuk
Newbie
Posts: 28
CSF & Modsec
«
on:
July 12, 2025, 03:52:02 PM »
Hello Everyone,
I upgraded my version of Modsec to v2.9.11, and CSF has stopped blocking perm 1 into it. After the upgrade, is there anything I need to configure with CSF and the newly upgraded Modsec?
Thanks
BossmanUK
Logged
overseer
Hero Member
Posts: 1520
Re: CSF & Modsec
«
Reply #1 on:
July 12, 2025, 09:13:07 PM »
Confirm your update procedure was along these lines (no missing steps):
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-to-2-9-11-running-cwp-and-apache-on-almalinux-8-9/
Then install the latest OWASP ruleset:
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-owasp-crs-ruleset-to-4-16-0-running-cwp-and-apache-on-almalinux-8-9/
Then if you are having problems with CSF & LFD:
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/no-lfd-notifications-and-or-csf-not-blocking-ips-after-upgrading-to-owasp-latest-with-cwp-on-almalinux-8-9/
Logged
Bossmanuk
Newbie
Posts: 28
Re: CSF & Modsec
«
Reply #2 on:
July 15, 2025, 12:38:05 PM »
I have followed the instructions on installing the new ruleset, I also have the lastest version installed via CWP7 Pro control panel do I disable the built in ones? As I am not getting the notifications from Modsec to CSF even though I followed the instructions, but I have two OWASP's enabled.
One built in is called OWASP latest and the one I installed from your instructions I am assuming it is seeing OWASP latest as default.
Thanks
BossmanUK
Logged
overseer
Hero Member
Posts: 1520
Re: CSF & Modsec
«
Reply #3 on:
July 15, 2025, 12:40:41 PM »
You followed the Mod Sec installation/upgrade instructions and are running the OWASP-old setup. (I know it's counterintuitive naming, as you will actually be using the newest ruleset.)
Logged
Bossmanuk
Newbie
Posts: 28
Re: CSF & Modsec
«
Reply #4 on:
July 15, 2025, 01:07:33 PM »
I will insert some images which should explain it better
Image 1
https://www.awesomescreenshot.com/image/55468785?key=292a082769213cb3c21f207a540a3566
Image 2
https://www.awesomescreenshot.com/image/55468832?key=180b0fd60322284d46e9f0e543d2e995
Image 3
https://www.awesomescreenshot.com/image/55468860?key=78997c943777062ced2b19253474463c
Thanks
BossmanUK
Logged
Starburst
Hero Member
Posts: 1466
Re: CSF & Modsec
«
Reply #5 on:
July 15, 2025, 01:29:08 PM »
Well right from the 1st screenshot it was started wrong to update ModSec & install the latest OWASP CRS ruleset.
CWP's 'OWASP Latest' is an old outdated version, and not the 'latest'
Uninstall ModSec & start over with 'OWASP old' selected.
Follow the guides at:
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-modsecurity-to-2-9-11-running-cwp-and-apache-on-almalinux-8-9/
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/update-to-owasp-crs-ruleset-running-cwp-and-apache-on-almalinux-8-9/
You can change 4.11.0 to 4.16.0
https://starburst.help/control-web-panel-cwp/modsecurity-running-with-control-web-panel/no-lfd-notifications-and-or-csf-not-blocking-ips-after-upgrading-to-owasp-latest-with-cwp-on-almalinux-8-9/
Logged
Bossmanuk
Newbie
Posts: 28
Re: CSF & Modsec
«
Reply #6 on:
July 15, 2025, 03:26:25 PM »
I have been using this Modsec for years as I installed it when I first installed CWP7Pro. So, as I have 2.9.11 already installed should I just disable OWASP Latest and enable the other one then follow the instructions for the newer ruleset etc?
Logged
Print
Pages: [
1
]
« previous
next »
Control Web Panel
»
Security
»
CSF Firewall
»
CSF & Modsec
Topic: CSF & Modsec (Read 117 times)
