ConfigServer Community Forum

That is what the LF_CXS option in csf.conf is for. cxs itself cannot do it as the ModSecurity process runs as the nobody (or default apache) user and not root. So it is - missed that in the options. Not quite clear on the difference between LF_MODSEC and LF_CXS but have set LF_CXS to 1 and will mon...

If you don't use the theme, delete it. If you do, keep it updated. Haven't seen any other reports of a similar nature.

Having looked at various options to reduce the amount of alerting, I think the best one is just to put the script filename in the cxs.ignore file. In this case, it would be : hfile:/public_html/wp-admin/admin-ajax.php This assumes that you're happy that admin-ajax.php is properly patched and secure....

Okay, here's my solution, hopefully someone can sanity-check it. I should say my server uses suPHP so my sites run with permissions of their owners. The best approach seems to be to allow your web user to sudo the command. Step 1 : I create a file /etc/sudoers.d/webuser with one line : webuser ALL=N...

I know this is a fairly old post but I've been looking for the answer to the same question. The difficulty (I think) is that you need to be root to call the command-line CSF configuration utility e.g. csf -d 11.22.33.44 Added because I don't like them Most PHP scripts will run either as Apache, Nobo...

In common with the others on this thread, I'm looking for a way to submit firewall logs to DShield. It's one of those areas where you are probably not going to make a huge difference at an individual server level because the majority of entries in your log are from your spotty Korean school boy who ...