Dear CyberPanel/LiteSpeed Support Team,

I am experiencing an issue where my ModSecurity module does not appear to be loading or functioning correctly on my LiteSpeed server, even though it is enabled in the CyberPanel GUI.

Problem Details

• ModSecurity and OWASP CRS are Enabled in the GUI configuration.
• However, all security tests (e.g., trying to access specific endpoints with known attack strings) result in a 200 OK (normal page load) instead of the expected 403 Forbidden response.
• The ModSecurity audit log (/usr/local/lsws/logs/modsec_audit.log) does not exist, indicating the module might not be loading at all.
• I have already performed a server reboot and updated CyberPanel to the latest version, but the issue persists.

Request

Could you please assist me in diagnosing why the ModSecurity module is not being initialized by the LiteSpeed web server? I suspect there might be a configuration or environment issue preventing the module from loading correctly.

Thank you for your assistance.

will be very glad. My website went down becasue of the mod security error. All this is on hte latest cyberpanel github upgrade. below is the error message on all websites hosted on the vps. the minute i disable modsecurity from cyberpanel dashboard. everything becomes smooth sail.

This site can’t be reached

The connection was reset.

Try:

• Checking the connection
• Checking the proxy and the firewall
• [Running Windows Network Diagnostics](javascript:diagnoseErrors())

ERR_CONNECTION_RESET