Search results

Perfect. Thank you @Peter Debik

@Peter Debik , I have a good news. Some Logs are showing currently since 2 days. So normally, the ModSec is working now. Another question please: In the Predefined set of values: When I set "Fast" : Few logs is logged. When I set "Tradeoff" : A lot of logs is logged with some error and false...

Also, what is the exact name of the config file of Modsecurity for nginx to check the file if exist or not ?

Hello @Peter Debik , I have tried this cmd: cd /var/log/modsecurity/audit/ Output: -bash: cd: /var/log/modsecurity/audit/: No such file or directory

@Peter Debik I have just checked now, and the log still empty. Maybe the reason because I'm in detect only mode ?

Same problem, Log file still empty. Do I need to wait at least 24H before checking the Mod Sec Log File ?

Hello @Peter Debik , I have tried to visit https://example.com/aphpfilethatdonotexist.php?something=../../etc to trigger the error code 403, but what I don't understand is the 404 error being triggered instead of 403.. as if ModSecurity is not working.

Hello, When I try to check the logs in ModSecurity Log File or Logs Archive, it shows a blank page, it doesn't show any logs. Firewall mode : Detection only

Got it, I just checked the change log and I can see that this update has already been made. Thank you @Peter Debik

Hello, How to upgrade ModSecurity 3.0 (nginx) to 3.0.8 safely ? I use ModSecurity 3.0 + OWASP, and in the documentation of OWASP, a notice is mentioned: From CRS 3.2.2, 3.3.3 and up, ModSecurity 2.9.6 or 3.0.8 (or versions with backported patches) are required due to the addition of new...

Hello, I'm using Ubuntu 20.04.5 LTS, Atomic is not available unfortunately. Just Comodo and OWASP are available.

Hello @Peter Debik , Is is it safe to keep Modsec + Comodo even if Comodo have not updated the rulesets since 2020-11-19 22:32:48 ? If not, what is the best alternative ?

After Cloudflare will be configured, there will be any problem regarding the delivery of the mail?

BTW @Peter Debik , I have already a rDNS configured in the router of my data center, there is no impact regarding the delivery of mail when the cloudflare is configured , that's it ? ?

Hello @Peter Debik , Not yet, I'll try now. Thanks.

Nginx and ModSecurity Notes (Linux) On Linux, ModSecurity is a module for Apache. Thus, it can check only HTTP requests that reach Apache. Apache can be supplemented with another web server - nginx. If you turn on the Process PHP by nginx option of the nginx web server for dynamic content of...

Hello, I want to reinstall Cloudflare. If I remember correctly, I had already tested it before, but I got a 520/521 error (website down), except that the server was working normally. Is there a conflict between Fail2ban and Cloudflare? Any idea to solve this problem?

Hello, I use nginx only (reverse proxy unchecked). How can I use a WAF in this case ?

Hello, Are there any update regarding Atomic rulesets compatibility with ModSecurity 3.0 for UBUNTU ? I have tried to use COMODO, apparently the project is dead. No update of the rulesets since a few month ago. OWASP is very strict and will not work smoothly with Wordpress. Since I use NGINX...

Hello @straddi Did you find a solution?