New findings --- When we implemented ModSecurity™ Tools with vendor OWASP ModSecurity Core Rule Set our Opencart site displayed strange behavior. We had to disable three of the 21 core rules to make our site act and perform normally again. Below are the three rules we had to disable. Hope this helps others who may have a VPS/server that has implemented ModSecurity™ Tools for cPanel/WHM.
Rules we had to disable
rules/REQUEST-33-APPLICATION-ATTACK-PHP.conf
rules/REQUEST-41-APPLICATION-ATTACK-XSS.conf
rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf
Documentation if you want to review rules
https://documentation.cpanel.net/displa ... curity+CRS
https://www.owasp.org/index.php/Categor ... et_Project
We've been running without hiccups since July of last year using the Comodo WAF rules. They are available as a vendor now as well for cPanel.
https://waf.comodo.com
Vendor for WHM: https://waf.comodo.com/doc/meta_comodo_apache.yaml
Attn: I no longer provide OpenCart extensions, nor future support - this includes forum posts.
Reason: OpenCart version 3+
Thanks!
Just added Comodo as a ModSecurity vendor and the issues we had with OWASP ModSecurity Core Rule Set are not present anymore. There are 31 rules as well. We will have to put them through the paces. But so far no concerns. Thanks for the link artcore.
YAML URL for ModSecurity Apache Rule Set:
https://waf.comodo.com/doc/meta_comodo-apache.yaml
LiteSpeed YAML rule set:
https://waf.comodo.com/doc/meta_comodo-litespeed.yaml