Control Web Panel
WebPanel => CentOS-WebPanel GUI => Topic started by: iraqiboy90 on January 11, 2022, 03:34:32 PM
-
The Security Incidents tab in Security Center that shows what Mod_Security has blocked is showing server IP as an offender for some specific types of attacks even though the IP is something else.
(https://i.gyazo.com/313418ab6a503f9d477f1a79a03355ce.png)
Here's the audit log showing something else:
(https://i.gyazo.com/ed8d4568ab663a701259b5ed2af38192.png)
I'm running Cloudflare -> Nginx -> Varnish -> Apache (with mod_cloudflare)
-
This is a ModSecurity issue, and it will not be fixed in 2.x versions.
Check:
https://github.com/SpiderLabs/ModSecurity/issues/811 (https://github.com/SpiderLabs/ModSecurity/issues/811)
Regards,
Netino
-
This is a ModSecurity issue, and it will not be fixed in 2.x versions.
Check:
https://github.com/SpiderLabs/ModSecurity/issues/811 (https://github.com/SpiderLabs/ModSecurity/issues/811)
Regards,
Netino
have you tried installing v3?
-
(...)
have you tried installing v3?
No. I'm using Comodo rules, and don't know if they are compatible.
https://github.com/SpiderLabs/ModSecurity/issues/1962 (https://github.com/SpiderLabs/ModSecurity/issues/1962)