11
Mod_Security / Re: WordPress or WooCommerce, have a conflict with the OWASP CRS v4.16.0
« Last post by Starburst on July 14, 2025, 01:33:28 PM »Look in the logs, and it will show you what rule blocked it.
In you global_disabled_rules.conf, you should have these:
In you global_disabled_rules.conf, you should have these:
Code: [Select]
## Removed rules for CWP ##
SecRuleRemoveById 960017
SecRuleRemoveById 960015
SecRuleRemoveById 960009
#######################################################
## Removed Rules for WordPress and phpMyAdmin ##
#######################################################
## Removed rules for Wordpress ##
SecRuleRemoveById 981242
SecRuleRemoveById 981246
SecRuleRemoveById 981243
SecRuleRemoveById 959073
SecRuleRemoveById 958030
# Needed for WordPress Cloudflare Plugin
SecRuleRemoveById 911100
## Removed rules for webftp_simple ##
SecRuleRemoveById 950922
SecRuleRemoveById 981000
SecRuleRemoveById 950109
## Removed rules for phpMyAdmin ##
SecRuleRemoveById 981205
SecRuleRemoveById 970901
SecRuleRemoveById 960904
SecRuleRemoveById 960915
SecRuleRemoveById 981318
SecRuleRemoveById 981320
SecRuleRemoveById 981240
12
Mod_Security / Re: WordPress or WooCommerce, have a conflict with the OWASP CRS v4.16.0
« Last post by venty on July 14, 2025, 12:30:36 PM »Hi,...I return OWASP CRS version 4.15.0, everything works - WordPress etc., I return OWASP CRS version 4.16.0 - error 403...
Does WordPress or WooCommerce, the latest versions, have a conflict with the OWASP CRS v4.16.0 rules?
Do I need to set additional rules in the global_disabled_rules.conf file?
thanks in advance!
BR
Venty
13
Suggestions / Re: SSH Key generation for domain users
« Last post by ylaya88 on July 14, 2025, 12:10:49 PM »Please, Sir overseer, I suggest you review this request. Please understand that not all of our customers are Linux-skilled individuals, so the goal is to provide them with the most intuitive tools to resolve their issues without the need for Help Desk interventions
14
Suggestions / Simple editor to Master php.ini
« Last post by ylaya88 on July 14, 2025, 12:03:33 PM »Hello Team,
I request a new feature for the CWP panel. I would like to request the addition of a .conf editor that provides access to the PHP-FPM pool configuration files, specifically those located at /opt/alt/php-fpm8x/usr/etc/php-fpm.d/users/(cwp-username).conf.
My goal with this feature is to enable PHP extensions on a per-user account basis, similar to how cPanel's PHP Selector functions. I believe this would be a very good security measure to limit access to PHP extensions, allowing individual users to enable only the specific extensions that they genuinely need for their applications.
Yhanks
I request a new feature for the CWP panel. I would like to request the addition of a .conf editor that provides access to the PHP-FPM pool configuration files, specifically those located at /opt/alt/php-fpm8x/usr/etc/php-fpm.d/users/(cwp-username).conf.
My goal with this feature is to enable PHP extensions on a per-user account basis, similar to how cPanel's PHP Selector functions. I believe this would be a very good security measure to limit access to PHP extensions, allowing individual users to enable only the specific extensions that they genuinely need for their applications.
Yhanks

15
E-Mail / Re: Postfix, SpamAssassin, or something else
« Last post by Thorth on July 14, 2025, 12:02:24 PM »well how i can report them
looking around for the form, or smt but nothing, since i'm still getting those msgs.
also thinking seriously to ban all their IP, domains, etc

also thinking seriously to ban all their IP, domains, etc
16
Information / Re: Past Due Changelogs
« Last post by mason64 on July 14, 2025, 11:26:39 AM »I am loving cwp at the moment its a great product and i hope alot more people use it rather than the rip of costs of cPanel and Plesk.
Hopefully the dev's will bring some more updates out soon. i am looking forward to a updated version of the backup system.
keep up the great work and Thank you!
Hopefully the dev's will bring some more updates out soon. i am looking forward to a updated version of the backup system.
keep up the great work and Thank you!
17
CentOS-WebPanel Bugs / Re: [CRITICAL] Multiple CWP Servers Infected – Arbitrary PHP Code Execution via Publ
« Last post by vipony12 on July 14, 2025, 10:47:28 AM »just checked it, fixed. can someone also please validate the same.I checked on my server. IT fixed on version 1207
18
Mod_Security / WordPress or WooCommerce, have a conflict with the OWASP CRS v4.16.0
« Last post by venty on July 14, 2025, 09:51:02 AM »Hi,
Does WordPress or WooCommerce, the latest versions, have a conflict with the OWASP CRS v4.16.0 rules?
Do I need to set additional rules in the global_disabled_rules.conf file?
thanks in advance!
BR
Venty
Does WordPress or WooCommerce, the latest versions, have a conflict with the OWASP CRS v4.16.0 rules?
Do I need to set additional rules in the global_disabled_rules.conf file?
thanks in advance!
BR
Venty
19
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« Last post by venty on July 14, 2025, 09:19:21 AM »Hi,
Many thanks to Starburst...., but should I merge the two in the rbl.conf file
https://prnt.sc/9Tp9vbYKVfdk
BR
Venty
Many thanks to Starburst...., but should I merge the two in the rbl.conf file
https://prnt.sc/9Tp9vbYKVfdk
BR
Venty
20
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by venty on July 14, 2025, 08:49:24 AM »i switched back to OWASP latest rules but they are not blocking malicious attempts . i can see in logs its detecting but attempt is not blocked![]()
on the other hand comodo waf rules keeps blocking everythingbefore last update everything was fine and comodo waf rules were the best
Change these lines in csf.confCode: [Select]MODSEC = "2"
Code: [Select]MODSEC_LOG = "/usr/local/apache/logs/error_log /usr/local/apache/domlogs/*rror.log"
Yes, there is a space between those 2 paths, it's kinda hard to see.
Hi,
In my file csf.conf this line "MODSECi" s missing:
Code: [Select]
MODSEC = "2"
What should I do, what does it do and how is this value 2 determined?
BR
Venty