OWASP ModSecurity CRS (WHM cPanel Config) - Question


Recently cPanel had an update and I have been using ModSecurity more and more to improve security....

Now from here: https://documentation.cpanel.net/display/CKB/OWASP+ModSecurity+CRS

Reading the docs, I believe that some of these rules would interfere with XenForo.

I know in the past zbblock caused issues when I set a rule to block RFI-based attacks, even though when I tried to upload XML files they were seen as an attack, or posting threads with lots of code in them was seen as an attack, though in reality it was a false positive...

Has anyone had any of these rules set up and had any issues?

If so, what rules, and how should they be disabled?

Tracy Perry

I'd be happy to... but I don't use a panel as I believe that it is a drain on resources.
Also, the number of people that use the OWASP rule set may not be that high. You may have more luck asking on the actual cPanel support site.


I have done some testing and it seems the OWASP rules block legit uses. I have this configured so far; the rest seem to block legit users due to the type of URL they get served, like long URLs with symbols in them or XenForo's proxified images.

I have other rules in place from the Cloudflare WAF and other layers that protect against some of the disabled ones...
It's just that the ones provided by the vendor seem to block legit traffic, as they are incompatible with the XenForo-based structure.
Like some of the links served up to users: some of these rules think they are an attack.
I'd rather have these rules blocking the request, not banning the IP....
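One way to answer the "what rules" question from the logs instead of switching whole rule groups off, as an added example that is not part of the thread: tally which rule id fires on which URI and argument in the ModSecurity error log, then emit an exclusion scoped to that one path and argument. The log lines, rule ids, hostname and URIs below are constructed, and the `min_hits` and `first_id` parameters are assumptions of this sketch.

```python
import re
from collections import Counter

# Constructed sample in the ModSecurity 2.x / Apache error-log style.
# Rule ids, messages, file paths and URIs are made up, not real CRS findings.
SAMPLE_LOG = """\
[error] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). Pattern match "https?://" at ARGS:image. [file "/placeholder/rules.conf"] [line "10"] [id "9000001"] [msg "Constructed: URL in parameter"] [hostname "forum.example"] [uri "/proxy.php"] [unique_id "AAA"]
[error] [client 203.0.113.9] ModSecurity: Access denied with code 403 (phase 2). Pattern match "https?://" at ARGS:image. [file "/placeholder/rules.conf"] [line "10"] [id "9000001"] [msg "Constructed: URL in parameter"] [hostname "forum.example"] [uri "/proxy.php"] [unique_id "AAB"]
[error] [client 203.0.113.7] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<\\?" at ARGS:message. [file "/placeholder/rules.conf"] [line "22"] [id "9000002"] [msg "Constructed: code in post body"] [hostname "forum.example"] [uri "/threads/example.1/add-reply"] [unique_id "AAC"]
[error] [client 203.0.113.7] File does not exist: /home/placeholder/public_html/favicon.ico
"""

FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')   # [key "value"] pairs
TARGET = re.compile(r'\bat ([A-Z_]+(?::[^\s.]+)?)\.')   # e.g. "at ARGS:image."

def parse_line(line):
    """Return the bracketed fields of one ModSecurity log line, or None."""
    if "ModSecurity:" not in line:
        return None
    fields = dict(FIELD.findall(line))
    if "id" not in fields or "uri" not in fields:
        return None
    match = TARGET.search(line)
    fields["target"] = match.group(1) if match else None
    return fields

def tally(log_text):
    """Count hits per (uri, rule id, matched variable)."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields:
            hits[(fields["uri"], fields["id"], fields["target"])] += 1
    return hits

def exclusions(hits, min_hits=2, first_id=1000):
    """Emit one path- and argument-scoped exclusion per repeated false positive."""
    out = []
    for (uri, rule_id, target), count in sorted(hits.items()):
        if count < min_hits or target is None:
            continue  # too rare to judge, or no variable to scope the exclusion to
        out.append(f'SecRule REQUEST_FILENAME "@streq {uri}" '
                   f'"id:{first_id + len(out)},phase:1,pass,nolog,'
                   f'ctl:ruleRemoveTargetById={rule_id};{target}"')
    return out

if __name__ == "__main__":
    print("\n".join(exclusions(tally(SAMPLE_LOG))))
```

Each emitted line leaves the rule active everywhere except the one argument on the one path where it misfired, so the rest of the site keeps the vendor rule set. Review every hit by hand before adding its exclusion, since a repeated match can also be real attack traffic.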