Control Web Panel

Security => Mod_Security => Topic started by: zeejdeej on September 08, 2024, 05:49:43 PM

Title: MOD SECURITY issue on new CWP PRO INSTALLATION
Post by: zeejdeej on September 08, 2024, 05:49:43 PM

hello,

i have recently installed CWP pro on a new Almalinux 9,everything is working fine but when i install MOD Security all the websites goes down and give below error: when i uninstall MOD Security all sites start working fine. what could be wrong ? and how to fix it any suggestions plz

Unable to connect

An error occurred during a connection to 38.242.244.140.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the web.

Title: Re: MOD SECURITY issue on new CWP PRO INSTALLATION
Post by: BeZazz on September 09, 2024, 12:47:49 AM

Does anything show up in the logs under Mod Security or your Apache log files?

Title: Re: MOD SECURITY issue on new CWP PRO INSTALLATION
Post by: cyberspace on September 09, 2024, 01:24:29 PM

Look at this thread:
https://forum.centos-webpanel.com/centos-9-problems/apache-wont-restart-after-enabling-mod_security/msg48744/#msg48744
it seems you have the same problem.
Hope it will help you to solve the problem.

Title: Re: MOD SECURITY issue on new CWP PRO INSTALLATION
Post by: Starburst on September 10, 2024, 01:17:44 PM

There has been multiple posts about this problem.

See:
https://kb.starburstservices.com/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/apache-wont-start-after-enabling-mod_security/ (https://kb.starburstservices.com/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/apache-wont-start-after-enabling-mod_security/)

Title: Re: MOD SECURITY issue on new CWP PRO INSTALLATION
Post by: zeejdeej on September 13, 2024, 07:28:57 PM

thanks a lot guys it worked after adding the following line :

LoadFile /usr/lib64/liblua-5.4.so

but now mod security is giving forbidden access to all the websites pages.

the main page is opened but when i click on any other link on website it triggers the mod security rule i am using comodo waf rules. how to fix forbidden access issue now . :) 

any suggestions

Title: Re: MOD SECURITY issue on new CWP PRO INSTALLATION
Post by: cyberspace on September 13, 2024, 09:22:26 PM

The simplest way is to disable mod_security :)

The correct way is to check mod_security logs, identify the blocking rule and disable it or modify according to the requirements of your site. Look here:
https://wiki.centos-webpanel.com/mod_security-for-cwp
to learn how to do this.

Title: Re: MOD SECURITY issue on new CWP PRO INSTALLATION
Post by: Starburst on September 13, 2024, 10:24:49 PM

Which ruleset are you using?

Comodo is at 1.241 that has fixes in it for WooCommerce.
The ones CWP installs are 1.240.

OWASP isn't bad, but isn't good either.
It seems to gives ALOT of false positives.

Title: Re: MOD SECURITY issue on new CWP PRO INSTALLATION
Post by: Starburst on September 13, 2024, 10:28:59 PM

Go figure https://waf.comodo.com/ (https://waf.comodo.com/) is down, again...