Recent Posts

Pages: 1 2 [3] 4 5 ... 10
21
Suggestions / Re: Simple editor to Master php.ini
« Last post by overseer on July 14, 2025, 03:51:06 PM »
Each user can have .user.ini php settings file in the web root or if you would rather, you can name it php.ini. Just uncomment that directive in the version php-fpm php.ini file.
22
Suggestions / Re: SSH Key generation for domain users
« Last post by overseer on July 14, 2025, 03:48:23 PM »
In the case of SSH access and keygen, I would indeed think you would want direct help desk intervention. I don't think you want to open up shell access to your server lightly, so 1-2 help tickets per server is attainable.
23
You will need to look through your error logs and see which rules are triggering the blocks, then add them to the global rules file:
Code: [Select]
grep "modsecurity" /usr/local/apache/domlogs/*.error.log
Afterward, don't forget to restart httpd. You can also disable Mod Security on a user-account basis to get you through the WordPress install process.
24
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by overseer on July 14, 2025, 03:33:39 PM »
yes, exactly.
25
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by venty on July 14, 2025, 02:36:59 PM »
That line shouldn't be missing, it part of the default install for CSF/LFD.

It's default setting is usually MODSEC = "5"

Hi,

the closest line in my csf.conf  is:
https://prnt.sc/Vfk78oC82e3H

BR
Venty
26
Look in the logs, and it will show you what rule blocked it.

In you global_disabled_rules.conf, you should have these:

Code: [Select]
## Removed rules for CWP ##
SecRuleRemoveById 960017
SecRuleRemoveById 960015
SecRuleRemoveById 960009
#######################################################
## Removed Rules for WordPress and phpMyAdmin ##
#######################################################
## Removed rules for Wordpress ##
SecRuleRemoveById 981242
SecRuleRemoveById 981246
SecRuleRemoveById 981243
SecRuleRemoveById 959073
SecRuleRemoveById 958030
# Needed for WordPress Cloudflare Plugin
SecRuleRemoveById 911100
## Removed rules for webftp_simple ##
SecRuleRemoveById 950922
SecRuleRemoveById 981000
SecRuleRemoveById 950109
## Removed rules for phpMyAdmin ##
SecRuleRemoveById 981205
SecRuleRemoveById 970901
SecRuleRemoveById 960904
SecRuleRemoveById 960915
SecRuleRemoveById 981318
SecRuleRemoveById 981320
SecRuleRemoveById 981240

Hi,
When I have rules version version 4.16.0, rules with ids 980170, 949110, 930130 are the ones that block, I set them in global_disabled_rules.conf, but again I can't access and install WordPress...

When I revert the rules to version 4.15.0 , things work....

and finally, the blocking seems to be not just for WordPress...

BR
Venty
27
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by Starburst on July 14, 2025, 01:37:03 PM »
That line shouldn't be missing, it part of the default install for CSF/LFD.

It's default setting is usually MODSEC = "5"
28
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« Last post by Starburst on July 14, 2025, 01:35:04 PM »
You can do it anyway you like your system setup.
As long as ModSecurity reads the .conf
29
Look in the logs, and it will show you what rule blocked it.

In you global_disabled_rules.conf, you should have these:

Code: [Select]
## Removed rules for CWP ##
SecRuleRemoveById 960017
SecRuleRemoveById 960015
SecRuleRemoveById 960009
#######################################################
## Removed Rules for WordPress and phpMyAdmin ##
#######################################################
## Removed rules for Wordpress ##
SecRuleRemoveById 981242
SecRuleRemoveById 981246
SecRuleRemoveById 981243
SecRuleRemoveById 959073
SecRuleRemoveById 958030
# Needed for WordPress Cloudflare Plugin
SecRuleRemoveById 911100
## Removed rules for webftp_simple ##
SecRuleRemoveById 950922
SecRuleRemoveById 981000
SecRuleRemoveById 950109
## Removed rules for phpMyAdmin ##
SecRuleRemoveById 981205
SecRuleRemoveById 970901
SecRuleRemoveById 960904
SecRuleRemoveById 960915
SecRuleRemoveById 981318
SecRuleRemoveById 981320
SecRuleRemoveById 981240
30
Hi,

Does WordPress or WooCommerce, the latest versions, have a conflict with the OWASP CRS v4.16.0 rules?

Do I need to set additional rules in the global_disabled_rules.conf file?

thanks in advance!

BR
Venty
...I return OWASP CRS version 4.15.0, everything works - WordPress etc., I return OWASP CRS version 4.16.0 - error 403...
Pages: 1 2 [3] 4 5 ... 10