Search results

Hello @Peter Debik , When I try to save the custom directives in ModSec, this error occur: Invalid ModSecurity configuration: nginx: [emerg] "modsecurity_rules_file" directive Rules error. File: /etc/nginx/modsecurity.d/main.conf. Line: 6. Column: 44. Expecting an action, got: Include...

Got it. I use already ModSec 3.0 + Nginx + OWASP. I'll try this night to install Geo2ip lite database and configure it with ModSec. Thanks.

Got it. Thank you. By the way, Geo2ip lite database work with the web server Apache and Nginx, no difference, right ?

Hello, I want to block few countries through Plesk via ModSec. I have read the documentation in this url: https://support.plesk.com/hc/en-us/articles/12377285410839 If I apply the Workaround 2, the Website hosted in the server will be unavailable in the blocked countries, right ? Thank you.

I have read your question. You have a problem with Fail2ban, right ?

you can try this: sudo /etc/init.d/fail2ban stop sudo rm -rf /var/lib/fail2ban sudo /etc/init.d/fail2ban start sudo reboot

Take a look here, it may help you: https://talk.plesk.com/threads/fail2ban-sqlite-database-huge.360658/

Perfect. Thank you @Peter Debik

@Peter Debik , I have a good news. Some Logs are showing currently since 2 days. So normally, the ModSec is working now. Another question please: In the Predefined set of values: When I set "Fast" : Few logs is logged. When I set "Tradeoff" : A lot of logs is logged with some error and false...

Also, what is the exact name of the config file of Modsecurity for nginx to check the file if exist or not ?

Hello @Peter Debik , I have tried this cmd: cd /var/log/modsecurity/audit/ Output: -bash: cd: /var/log/modsecurity/audit/: No such file or directory

@Peter Debik I have just checked now, and the log still empty. Maybe the reason because I'm in detect only mode ?

Same problem, Log file still empty. Do I need to wait at least 24H before checking the Mod Sec Log File ?

Hello @Peter Debik , I have tried to visit https://example.com/aphpfilethatdonotexist.php?something=../../etc to trigger the error code 403, but what I don't understand is the 404 error being triggered instead of 403.. as if ModSecurity is not working.

Hello, When I try to check the logs in ModSecurity Log File or Logs Archive, it shows a blank page, it doesn't show any logs. Firewall mode : Detection only

Got it, I just checked the change log and I can see that this update has already been made. Thank you @Peter Debik

Hello, How to upgrade ModSecurity 3.0 (nginx) to 3.0.8 safely ? I use ModSecurity 3.0 + OWASP, and in the documentation of OWASP, a notice is mentioned: From CRS 3.2.2, 3.3.3 and up, ModSecurity 2.9.6 or 3.0.8 (or versions with backported patches) are required due to the addition of new...

Hello, I'm using Ubuntu 20.04.5 LTS, Atomic is not available unfortunately. Just Comodo and OWASP are available.

Hello @Peter Debik , Is is it safe to keep Modsec + Comodo even if Comodo have not updated the rulesets since 2020-11-19 22:32:48 ? If not, what is the best alternative ?

After Cloudflare will be configured, there will be any problem regarding the delivery of the mail?