Post by kombi » Mon May 04, 2015 4:02 am

New findings --- When we implemented ModSecurity™ Tools with vendor OWASP ModSecurity Core Rule Set our OpenCart site displayed strange behavior. We had to disable three of the 21 core rules to make our site act and perform normally again. Below are the three rules we had to disable. Hope this helps others who may have a VPS/server that has implemented ModSecurity™ Tools for cPanel/WHM.

Rules we had to disable
rules/REQUEST-33-APPLICATION-ATTACK-PHP.conf
rules/REQUEST-41-APPLICATION-ATTACK-XSS.conf
rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf


Documentation if you want to review rules
https://documentation.cpanel.net/displa ... curity+CRS
https://www.owasp.org/index.php/Categor ... et_Project

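The post above disables three whole rule files. As an added example (not part of the original post, and not cPanel or OWASP code), this script tallies which rule IDs inside those files actually fire in the Apache error log, so that only those IDs need to be considered for `SecRuleRemoveById`. The log lines, rule IDs, host and URIs are constructed; the bracketed `[file "..."] [id "..."] [uri "..."]` layout is the ModSecurity 2.x error-log format.

```python
import re
from collections import defaultdict

# Constructed error-log lines. Rule IDs, messages, host and URIs are made up;
# only the three rule file names come from the post above.
SAMPLE_LOG = """\
[Mon May 04 03:10:01 2015] [error] [client 203.0.113.5] ModSecurity: Warning. Pattern match at ARGS:description. [file "/etc/modsec/rules/REQUEST-41-APPLICATION-ATTACK-XSS.conf"] [line "120"] [id "990041"] [msg "constructed XSS rule"] [hostname "shop.example"] [uri "/admin/index.php"] [unique_id "a1"]
[Mon May 04 03:10:05 2015] [error] [client 203.0.113.5] ModSecurity: Warning. Pattern match at ARGS:search. [file "/etc/modsec/rules/REQUEST-41-APPLICATION-ATTACK-XSS.conf"] [line "120"] [id "990041"] [msg "constructed XSS rule"] [hostname "shop.example"] [uri "/index.php"] [unique_id "a2"]
[Mon May 04 03:10:07 2015] [error] [client 203.0.113.9] ModSecurity: Access denied with code 403 (phase 2). [file "/etc/modsec/rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf"] [line "77"] [id "990042"] [msg "constructed SQLi rule"] [hostname "shop.example"] [uri "/admin/index.php"] [unique_id "a3"]
[Mon May 04 03:10:09 2015] [error] [client 203.0.113.9] File does not exist: /var/www/favicon.ico
"""

# Matches every [key "value"] pair; unquoted fields such as [error] are skipped.
FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')

def parse_hit(line):
    """Return the bracketed ModSecurity fields of one log line, or None."""
    if "ModSecurity:" not in line:
        return None
    fields = dict(FIELD.findall(line))
    return fields if "id" in fields and "file" in fields else None

def tally(lines):
    """Map rule file name -> rule id -> set of URIs that triggered it."""
    hits = defaultdict(lambda: defaultdict(set))
    for line in lines:
        f = parse_hit(line)
        if f:
            rule_file = f["file"].rsplit("/", 1)[-1]
            hits[rule_file][f["id"]].add(f.get("uri", "?"))
    return hits

def removal_candidates(hits, rule_file):
    """SecRuleRemoveById lines for the rules in one file that fired.

    An ID listed here fired; whether it is a false positive still has to be
    judged from the request that triggered it.
    """
    return [f"SecRuleRemoveById {rid}" for rid in sorted(hits.get(rule_file, {}))]

if __name__ == "__main__":
    for rule_file, ids in sorted(tally(SAMPLE_LOG.splitlines()).items()):
        for rid, uris in sorted(ids.items()):
            print(f"{rule_file}  id={rid}  uris={sorted(uris)}")
```

Rule files that never appear in the tally (here the PHP file) produce no removal candidates, which is a hint that the file can stay enabled.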

Post by rph » Mon May 04, 2015 4:20 am

It seems like mod_security is always causing more problems than it prevents.

-Ryan



Post by artcore » Mon May 04, 2015 4:31 am

We've been running without hiccups since July of last year using the Comodo WAF rules. They are available as a vendor now as well for cPanel.

https://waf.comodo.com
Vendor for WHM: https://waf.comodo.com/doc/meta_comodo_apache.yaml

Attn: I no longer provide OpenCart extensions, nor future support - this includes forum posts.
Reason: OpenCart version 3+ ;D

Thanks!



Post by kombi » Mon May 04, 2015 5:42 am

Just added Comodo as a ModSecurity vendor and the issues we had with OWASP ModSecurity Core Rule Set are not present anymore. There are 31 rules as well. We will have to put them through their paces. But so far no concerns. Thanks for the link, artcore.


YAML URL for ModSecurity Apache rule set:
https://waf.comodo.com/doc/meta_comodo-apache.yaml

LiteSpeed YAML rule set:
https://waf.comodo.com/doc/meta_comodo-litespeed.yaml
