Recent Posts
21
E-Mail / Re: Postfix, SpamAssassin, or something else
« Last post by overseer on July 14, 2025, 03:58:49 PM »https://www.leaseweb.com/en/about-us/legal/abuse-handling
https://kb.leaseweb.com/kb/compliance-security/compliance-and-security-contacting-abuse-prevention-department/
Use their contact forms (above) or e-mail them directly (handy if you have e-mail samples you can send them):
abusedesk@global.leaseweb.com
https://kb.leaseweb.com/kb/compliance-security/compliance-and-security-contacting-abuse-prevention-department/
Use their contact forms (above) or e-mail them directly (handy if you have e-mail samples you can send them):
abusedesk@global.leaseweb.com
22
Suggestions / Re: Simple editor to Master php.ini
« Last post by overseer on July 14, 2025, 03:51:06 PM »Each user can have .user.ini php settings file in the web root or if you would rather, you can name it php.ini. Just uncomment that directive in the version php-fpm php.ini file.
23
Suggestions / Re: SSH Key generation for domain users
« Last post by overseer on July 14, 2025, 03:48:23 PM »In the case of SSH access and keygen, I would indeed think you would want direct help desk intervention. I don't think you want to open up shell access to your server lightly, so 1-2 help tickets per server is attainable.
24
Mod_Security / Re: WordPress or WooCommerce, have a conflict with the OWASP CRS v4.16.0
« Last post by overseer on July 14, 2025, 03:42:16 PM »You will need to look through your error logs and see which rules are triggering the blocks, then add them to the global rules file:
Afterward, don't forget to restart httpd. You can also disable Mod Security on a user-account basis to get you through the WordPress install process.
Code: [Select]
grep "modsecurity" /usr/local/apache/domlogs/*.error.logAfterward, don't forget to restart httpd. You can also disable Mod Security on a user-account basis to get you through the WordPress install process.
25
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by overseer on July 14, 2025, 03:33:39 PM »yes, exactly.
26
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by venty on July 14, 2025, 02:36:59 PM »That line shouldn't be missing, it part of the default install for CSF/LFD.
It's default setting is usually MODSEC = "5"
Hi,
the closest line in my csf.conf is:
https://prnt.sc/Vfk78oC82e3H
BR
Venty
27
Mod_Security / Re: WordPress or WooCommerce, have a conflict with the OWASP CRS v4.16.0
« Last post by venty on July 14, 2025, 02:28:17 PM »Look in the logs, and it will show you what rule blocked it.
In you global_disabled_rules.conf, you should have these:Code: [Select]## Removed rules for CWP ##
SecRuleRemoveById 960017
SecRuleRemoveById 960015
SecRuleRemoveById 960009
#######################################################
## Removed Rules for WordPress and phpMyAdmin ##
#######################################################
## Removed rules for Wordpress ##
SecRuleRemoveById 981242
SecRuleRemoveById 981246
SecRuleRemoveById 981243
SecRuleRemoveById 959073
SecRuleRemoveById 958030
# Needed for WordPress Cloudflare Plugin
SecRuleRemoveById 911100
## Removed rules for webftp_simple ##
SecRuleRemoveById 950922
SecRuleRemoveById 981000
SecRuleRemoveById 950109
## Removed rules for phpMyAdmin ##
SecRuleRemoveById 981205
SecRuleRemoveById 970901
SecRuleRemoveById 960904
SecRuleRemoveById 960915
SecRuleRemoveById 981318
SecRuleRemoveById 981320
SecRuleRemoveById 981240
Hi,
When I have rules version version 4.16.0, rules with ids 980170, 949110, 930130 are the ones that block, I set them in global_disabled_rules.conf, but again I can't access and install WordPress...
When I revert the rules to version 4.15.0 , things work....
and finally, the blocking seems to be not just for WordPress...
BR
Venty
28
Suggestions / Re: :):):) Comodo WAF rules update required :):):)
« Last post by Starburst on July 14, 2025, 01:37:03 PM »That line shouldn't be missing, it part of the default install for CSF/LFD.
It's default setting is usually MODSEC = "5"
It's default setting is usually MODSEC = "5"
29
Mod_Security / Re: OWASP CRS v4.15.0 Just Release
« Last post by Starburst on July 14, 2025, 01:35:04 PM »You can do it anyway you like your system setup.
As long as ModSecurity reads the .conf
As long as ModSecurity reads the .conf
30
Mod_Security / Re: WordPress or WooCommerce, have a conflict with the OWASP CRS v4.16.0
« Last post by Starburst on July 14, 2025, 01:33:28 PM »Look in the logs, and it will show you what rule blocked it.
In you global_disabled_rules.conf, you should have these:
In you global_disabled_rules.conf, you should have these:
Code: [Select]
## Removed rules for CWP ##
SecRuleRemoveById 960017
SecRuleRemoveById 960015
SecRuleRemoveById 960009
#######################################################
## Removed Rules for WordPress and phpMyAdmin ##
#######################################################
## Removed rules for Wordpress ##
SecRuleRemoveById 981242
SecRuleRemoveById 981246
SecRuleRemoveById 981243
SecRuleRemoveById 959073
SecRuleRemoveById 958030
# Needed for WordPress Cloudflare Plugin
SecRuleRemoveById 911100
## Removed rules for webftp_simple ##
SecRuleRemoveById 950922
SecRuleRemoveById 981000
SecRuleRemoveById 950109
## Removed rules for phpMyAdmin ##
SecRuleRemoveById 981205
SecRuleRemoveById 970901
SecRuleRemoveById 960904
SecRuleRemoveById 960915
SecRuleRemoveById 981318
SecRuleRemoveById 981320
SecRuleRemoveById 981240