Hi, I have set a pair of sites without problems, but when enabling modsecurity, the login page and contact forms seems to be blocked when submit.
The browser never load and finally this error is showed:
ERR_SPDY_PROTOCOL_ERROR
And /usr/local/lsws/logs/error.log
AdminLogin:
POST /administrator/index.php HTTP/1.1
2018-10-15 09:48:48.521864 [INFO] [IP…:HTTP2-1] Request body size: 128, received: 0.
2018-10-15 09:55:43.537567 [INFO] [IP…HTTP2-1] Connection idle time too long: 301 while in state: 3 watching for event: 25, close!
2018-10-15 09:55:43.537603 [INFO] [IP…:HTTP2-1] Content len: 1026,
Contact form
Request line:
POST /contact HTTP/1.1
2018-10-15 09:55:43.537609 [INFO] [IP…:HTTP2-1] Redirect: #1, URL: /index.php
2018-10-15 09:55:43.537613 [INFO] [IP…:HTTP2-1] Request body size: 1026, received: 0.
Sites are Joomla (not the autoinstall Joomla of cyberpanel). Is someone facing this issue? I guess that some modsecurity rule can solve this, but no idea.
Hi again @CyberPanel, I have upgraded today to 1.7 build 3, and the issue is still present. Since this problem make common Cms not usable, have you got any advice for security config with mod_security disabled?
I can confirm that updating openlitespeed the issue is fixed. Now, with cyberpanel 1.8.1 and openlitespeed 1.4.43 Open all is running fine with mod_security enabled.
With any of modsecurity rules Comodo or OWASP is not able to upload images in my WordPress site
Anyone can help me fix the rules or is a bug of openlitespeed also?
With any of modsecurity rules Comodo or OWASP is not able to upload images in my WordPress site
Anyone can help me fix the rules or is a bug of openlitespeed also?