ConfigServer Community Forum

Hello,

Is there any way to allow customer disable ModSecurity rules directly? Because at this time, I have to manage all tickets related to ModSecurity one by one and setup them in the CMC at the WHM side.

Can CMC be used with Imunify360 to disable modsec rules for specific domain(s) and also server-wide?

Thanks.

I'm guessing this is a modsec question, but please let me know if I'm in the wrong place.

We have the problem of hackers trying to submit forged payment requests. They return the url /checkout?payment_failed=1 when their attempts fails.

How can we block their ip IF they visit that url more than 3 times?

Many thanks in advance.

i triggered modsec rule for testing.
I tailed /usr/local/apache/logs/modsec_audit.log and i saw modsec was trigger
when i check to whm > cmc > modsec log, i can't see anything.
so i try modsec plugin from cpanel (WHM > Plugins > Mod Security) i can see the record.

Any advice?

Hi there. I've been trying to update CMC on a new server through WHM, and updates have been failing for several weeks. The server is running CENTOS 7.5 standard v74.0.9

Here are the update messages:

Retrieving new cmc package...

Unpacking new cmc package...

tar (child): cmc.tgz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned...

Hi,

I am getting this in the modsec log;

---
collections_remove_stale: Failed to access DBM file /var/cpanel/secdatadir/ip : Permission denied
---

Any advice?

/Tommy

trying to update a rule using 3.0.2 and i get this below. also it doesn't seem to be working (use to work not sure if its been deprecated or this software is dead? any fix would be apprecated

Initial configuration generation failed with the following message:

The “/usr/sbin/httpd -DSSL -t -f /etc/apache2/conf/httpd.conf.work.3e8285bb.cfgcheck -C Include /etc/apache2/conf.modules.d/*.conf ”...

Hello

I received this email alert:

DISKWARN blocks ⚠: Mount Point /var/tmp

In fact I have this problem every time I start Modsecurity (WHM> Plugins> ConfigServer ModSecurity Control - cmc v3.02> On

How to solve? Why does he create full files in /tmp and are never deleted? !!

The contents are always the same, for example:

20190929-164834-XZDEQvVm4BVDTJKP-ghNEwAAABE-file-3LUIA0

There...

Hi,
Here's what I did:

I add user in this file /etc/csf/csf.pignore
Then I put:
================
PT_USERMEM = 0
================
and
================
PT_USERTIME = 0
================
Then I restart CSF with this command below:
=================
csf -r
=================
But, I continue to receive these emails and I do not know what to do

Thank you for helping me.

Hello,

is it possible to allow a rule to pass only for an ip address?

Regards,

A few user already reported this issue in the general section.

It looks like the script isn't downloading the installationpackage from configserver.com and then is unable to extract the non-existing package.

Retrieving new cmc package...

Unpacking new cmc package...

tar (child): cmc.tgz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child...

Hello

My question is simple : Is cmc still useful/can work with the nowadays cpanel server?

I asked this because it is pretty confusing now to me that cpanel already comes with its cpanel modsecurity tools that can setup different rules/disable rules, More importantly, it looks like it is not working now?

For example, in cmc the first option can let you disable the mod_security completely, i...

Hello,

We have some security rules deactivated in ConfigServer ModSec Control . The problem is that even with the rules disabled there are still clients being blocked in our firewall because of them.

The rules are: 970901 and 981205

In our logs:

ModSecurity: Access denied with code 403 (phase 4). Pattern match ^5\\\\d{2}$ at RESPONSE_STATUS.

ModSecurity: Warning. Operator GE matched 0 at...

Hi.
Thanks for the time-saver.
We have been using it.
However, since we upgraded to v66, CMC U is blank.
Please is there any ETA for an update?
Thanks!!

Dear Configserver,

I plan to upgrade my EA3 to EA4, may i know is it current cmc supported EA4?

TQ

One of our clients reported an issue with loading their domain. On checking we could see a mod security rule (ID: id 1234123413 ) has been triggered and which caused the issue. We have then whitelisted the rule in the server, but upon checking we could see that the rule was not whitelisted properly and triggered again.

Logs shown in apache error logs are.

-------------------
ModSecurity:...

After uninstalling, and reinstalling to 2.09, the WHM UI will not load.

We see stuck process

root 160020 0.5 0.0 56884 16860 ? S 11:22 0:00 | \_ /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/whostmgr/docroot/cgi/configserver/cmc.cgi

we straced this process from a few milliseconds after it was created, and it stops in the same place every time

11:22:47.342042 stat( /home/redacted ,...

11.46 adds ModSecurity features to WHM/cPanel which on the face of it seems like a great thing but is it?

Does it conflict with ConfigServer's ModSecurity Control?

Hello,

It seems the plugin after installed by cPanel Server Service, without any of my interference does not display or read the logs, it display this error.

ConfigServer ModSecurity Control - cmc v2.01

Displaying logs from /etc/apache2/logs/modsec_audit/

No entries found in /etc/apache2/logs/modsec_audit.log

root@panel # stat /etc/apache2/logs/modsec_audit.log
File:...

Had to replace a hard drive in my server and kept the old one mounted for reference. Would like to transfer over my previous whitelisted rule id's for each domain that I created on the old drive but cannot seem to find the right files. Anyone point me in the right direction?