Starburst

Just a FYI, JetBack seems to work with CWP unofficially. When you access the control panel for it, it shows all the CWP user accounts. Only draw back I see, if they would have to use a different control panel, UN & PW to access it.

Check your main config file for the OWASP rules. Sounds like a path wasn't set correctly.

Tried it, still isn't fully working. The servers use ModSecurity2.9.8 with the OWASP CRS ruleset on Apache 2.4.63 Thanks

@Navid Tried your modification, but LFD gave an error:

We run AlmaLinux 9.x Try to run these: dnf install php-cli libsodium libsodium-devel php-sodium php-pecl-zip php-pecl-mailparse php-mbstring php-pear php-devel php-pecl-imagickpecl channel-update pecl.php.netYou may need to recompile afterwards.

I got ModSecurity 2.9.8 working on CWP with Apache and the OWASP latest Ruleset (4.11.0) https://kb.starburstservices.com/control-web-panel-cwp/control-web-panel-cwp-admin-tutorials/update-modsecurity-running-cwp-and-apache-on-almalinux-8-9/ ModSecurity 3.x isn't recommended yet @Sandeep I'll send you a DM

Currently I’m using: ./configure --with-apxs=/usr/local/apache/bin/apxsShould I be building it another way for CWP?

Yes, you can. You will create the main account: User Accounts → New Account. For the additional domain, you will create that under the menu: Domains → Add Domain. That will ask you for the user, which you created above under User Account. Then you can either point to the root of the same directory, or a sub-folder. Or you can user Cloudflare to redirect the domain to another.

So it seems by default CWP send out 3 paragraphs with attacks, and the above code, cut it down to 1 paragraph. Which in turn sites like AbuseIPDB can accept automatically.

Figured it out.

Sandeep, I was using the additional code so LFD would just send the 1 paragraph out to the blacklists, but when I switch to OWASP latest it stopped working. Any ideas? Thanks

Since the Comodo ruleset it dead, has anyone had luck getting Apache, Mod_Security, CSF/LFD and OWASP CRS all working tother? I see from the log file, entries are being added, and /var/log/lfd/log show the file is being monitored. BUT no email notifications are being sent, and the bad IP isn’t being added to /etc/csf/csf.deny to be blocked by CSF. Weird part is, Comodo and OWASP old both work. This is a problem with OWASP latest. CWP version is 0.9.8.1190

Just wanted to confirm this is the fix to migrate CWP from AL8 to AL9 using CWP → CWP Migration.

RoundCube 1.5.9 works greats also. Just need to change the 8 to a 9.

I just always use https://www.alphagnu.com/topic/24-cwp-–-control-web-panel-install-latest-apache-2462-version/

No, The OWASP 4.x ruleset works with Mod Security 2.9.7 and Apache 2.4.62 The only problem, is notifications are not being sent by LFD from the Mod Security log (something isn't being triggered). Otherwise when I look at the log, attacks are being blocked as they should be.

Would like to update ModSecurity from 2.9.7 to 3.0.12, along with using the Latest OWASP Ruleset 4.0.7 Is there a guide how to accomplish this?

You should post this over at the Official CWP forums.

Yes, your reply the 1st time fixed it. 🙂 Had sent you a tip, hope you got it.

Tried to send you a message, but got: You are only allowed to send 0 messages per day. Please try again later. But lookup ticket # 920288... I now see what some people are talking about...

Apache 2.4.60 just got released today. 🙂

Is there a way besides the script in the /scripts folder to update phpMyAdmin? The script in the directory say it has the latest, but is running 5.1.1, and the current version (as of 2024-06-07) is 5.2.1. Thanks

This looks to enable HTTP/2, but not ALPN. How can ALPN be enabled? Thanks

How is this file different than adding it to the disable_functions in the main php.ini? Thanks

Is there any way to get PHP Defender that uses Snuffleupagus to work the PHP 8.2.x on AlmaLinux 8.x?