2 - Mod Security Configurations

usmannasir · November 4, 2021, 6:21pm

**Once you open**: https://:8090/firewall/modSecurity

You will see something like:

There are seven options, lets discuss them.

ModSecurity Status

This is the only option controlled by OpenLiteSpeed web server, once you turn this off nothing related to ModSecurity will work, this should be turned On for ModSecurity to function.

SecAuditEngine

ModSecurity can generate extensive logs for HTTP requests in the Audit log file, this option states weather you need extensive logging or not. You can read more details here.

SecRuleEngine

Weather to process rules you have defined in the rules files or not, if ModSecurity Status is turned off this option does not make any effects.

SecDebugLogLevel

Levels of debug logs you need, 9 being the highest level of logging. More details here.

SecAuditLogParts

If SecAuditEngine is turned on you can decide here which parts of HTTP trasaction you want to be logged into audit log file, more details here.

SecAuditLogRelevantStatus

Related to Audit logging more details here.

SecAuditLogType

How Audit logging should be done, more details here.

Laque · April 23, 2024, 9:46am

Hi @usmannasir;

You give a option to delete the full Ruleset, but is not the best practice for use Relests, Modsecurity let to block specific rules insite the rulesets, it is possible to integrate on cyberpanel like on directadmin?

usmannasir · April 23, 2024, 10:24am

Sure, we can do that.

Laque · April 23, 2024, 10:49am

Directadmin let to configure the Remove Rules by domains, it is a good option cuz not every website are made with the same tecnology.

usmannasir · April 23, 2024, 12:11pm