I run my installation for some months without any issues. CP with open Litespeed an modsecurity.
Yesterday I figured out, that my webtraffic was reduced a lot since 5 days. And I had the issue, that I couldn´t connect to some of my hosted domains.
After some testing I figured out, that modsecurity blocks connections.
If I disable modsecurity all work again. If I start it again, everything runs fine for about 1 or 2 hours. And suddenly everything gets blocked.
So my question: Can anyone give me a hint how to solve such a problem?
I need to figure out what is triggering which rule and why.
And: Where are the blocks? iptables?
How can I do this?