csf does not BAN ip for all rules. some rules just blocked on modsec, other rules ban IP
Hi,
I have ModSecurity 2.9 and OWASP Rule v3.3.0 running on my box Cloudlinux/nginx proxy/Apache 2.4 (+mod_remoteip)
Some rules ban IPs on CSF , other rules just block on moddesc and no CSF ban...
i have all triggers correctly in apache logs and correct setup in csf
MODSEC_LOG=/usr/local/apache/logs/error_log
LF_MODSEC = 5
LF_MODSEC_PERM = 1
is this a normal behavior? i need to edit some default value?
example of RULE BANNING IP:
SecRule TX:ANOMALY_SCORE "@ge...
csf does not BAN ip for all rules. some rules just blocked on modsec, other rules ban IP
I have ModSecurity 2.9 and OWASP Rule v3.3.0 running on my box Cloudlinux/nginx proxy/Apache 2.4 (+mod_remoteip)
Some rules ban IPs on CSF , other rules just block on moddesc and no CSF ban...
i have all triggers correctly in apache logs and correct setup in csf
MODSEC_LOG=/usr/local/apache/logs/error_log
LF_MODSEC = 5
LF_MODSEC_PERM = 1
is this a normal behavior? i need to edit some default value?
example of RULE BANNING IP:
SecRule TX:ANOMALY_SCORE "@ge...
csf does not BAN ip for all rules. some rules just blocked on modsec, other rules ban IP
+ نوشته شده در ساعت 23:56 توسط generator
برچسب ها: |