Navid

After reviewing the code, I've made some improvements for better readability and maintainability. The functionality remains the same, but the code is now more structured and clearer. Here's the revised version: perlCopy # added by Navid if ($config{LF_MODSEC} && $globlogs{MODSEC_LOG}{$lgfile} && $line =~ /^\[\S+ \S+ \S+ \S+ \S+\] \[(\w*)?:error\] (\[pid \d+(:tid \d+)\]) \[client \S+:\S+\] \[client (\S+)\] ModSecurity:(( \[[^\]]+\])*)? Access denied/,/) { my $ip = $4; $ip =~ s/^::ffff://; $ip =~ s/:\d+$// if split(/:/, $ip) == 2; my $ruleid = "unknown"; if ($line =~ /\[id "(\d+)"\]/) { $ruleid = $1; } if (checkip($ip)) { return ("mod_security (id: $ruleid) triggered by", $ip, "mod_security-custom", "4", "80,443", "1"); } else { return; } } # ended by Navid Changes made to the code: Replaced the and operator (&&) instead of and for better Perl coding practice. Reorganized the conditional checks to be more concise and easier to read. Simplified the conditional statement for removing the port number from the IP address. Added curly braces for better clarity and readability. Note: if there is missed please advice me. thank you.

Hi, kindly some one help us on how to update/ upgrade Mode Security to latest version : v3.0.13 on cwp panel please thank you so much

Hi, dear Sandeep thank you so much for you a very nice and useful guide on cURL. but as you know the latest is cURL 8.11.1 could you please confirm and update the code for the latest cURL??? note: does the Latest cURL is capable with cwp? thank you and waiting for you guide. regards.

thank you so much this topic help me a lot your sincerely

Hi, dear masters, I would like to install the latest version of the cURL on centos 7 Kindly guide me on how can apply this scenario because I did as below; rpm -Uvh http://www.city-fan.org/ftp/contrib/yum-repo/rhel7/x86_64/city-fan.org-release-2-1.rhel7.noarch.rpm yum --enablerepo=city-fan.org update curl libcurl libcurl-devel but it is not working. thank you so much.

Hi, this week I got a lot of attack which was on the below path: 2025/01/12 15:02:08 [error] 762#762: *1768584 openat() "/usr/local/apache/autossl_tmp/.well-known/acme-challenge/ALFA_DATA/alfacgiapi/bash.alfa" failed (2: No such file or directory), client: 68.183.234.75, server: mysite.com, request: "GET /.well-known/pki-validation/ALFA_DATA/alfacgiapi/bash.alfa HTTP/2.0", host: "www.mysite.com" and they trying to redirecting the website on which one they want, as well there was a huge DDoS attack on same path. kindly advice me on how can make it secure the centos 7 with cwp please. I put a scenario below for some security step : edit htaccess file on the root by: thank you

Hi, thank you very much, yes it does, everything was good 3 days before, but suddenly it seem issue in rdns kindly guide me what if I setup new server by alma9 but I’m not sure CWP support alma 9? what is the solution thank you

Hi, thank you dear sandeep for your time and efforts to resolve our issue it’s to much worthy for us indeed. yes the 53 port is sat correctly to open in all mood tcp and udp waiting for further solution please thank you.

Hi, dear Master please guide me on does it possible to Migrating from CentOS7 to AlmaLinux9 (same server) without installing to new server? I having Centos7 and willing to Migrating to Almalinux9 without new installation to the new server? if possible please guide me. Note: i found the below articles but I’m not sure it will work or no. source link: AlmaLinux vs. Rocky Linux: a com...AlmaLinux vs. Rocky Linux: a comparison and guide - Hosti...

Hi, dear masters I having issue with my rDNS which are showing rDNS/PTR = FAILED I have attached a screen shot for further help and kindly guide me on how can resolve this issue. Postfix Mail Server Manager Rebuild your mail server with Amavisd, Spamassassin, ClamAV (AntiSpam and AntiVirus Protection) Hostname needs to have a valid A record and rDNS/PTR set for successful email delivery. **Reject the request when the hostname in the client HELO (EHLO) command has no DNS A or MX record. The unknown_hostname_reject_code specifies the response code to rejected requests (default: 450). Your Hostname is: cloud.signalprime.com and it resolves to IP: ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.16 <<>> A cloud.signalprime.com +short @8.8.8.8 ;; global options: +cmd ;; connection timed out; no servers could be reached [Check Black List] rDNS/PTR = FAILED, check with your hosting provider!FAILED[Check SenderBase] rDNS/PTR check for IP 116.202.219.107 = ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.16 <<>> -x 116.202.219.107 +short @8.8.8.8;; global options: +cmd;; connection timed out; no servers could be reached rDNS/PTR check for IP 116.202.219.96 = ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.16 <<>> -x 116.202.219.96 +short @8.8.8.8;; global options: +cmd;; connection timed out; no servers could be reached kindly guide me please thanks.

Hi, I hope you are doing well. whenever i ran this command all things goes as expected well. curl -s -L https://www.alphagnu.com/upload/centos7-repo-fix.sh | bashbut when trying to update the system by: yum update: I getting the bellow error. yum update Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * epel: d2lzkl7pfhq30w.cloudfront.net No packages marked for update kindly guide me what is the issue thank you

HI, dear Master Sandeep for your nice help and your precious time. Kindly what about the below ink tutor I mean is it necessary or your solution will be enough https://www.superspeedyplugins.com/kb/performance-optimization/stack-guides-tips/configuring-nginx-pass-real-ip-addresses-cloudflare-compatible-fail2ban-wordpress/ thank you so much regards

Hi, Dear support team I facing a very strange issue for 3 past days, the problem that I’m facing is showing me just the Cloudflare IP, not the real IP that connects to our server and our websites. It happened 3 days ago and it continued, before this issue the real IP that connected to each website was shown and visible on the security center incident and log files but right now just showing Cloudflare IP: https://www.cloudflare.com/ips-v4/ that we are using it as proxy and some other security measures. I don’t know what is happening because I don’t bring any changes. I did some research on X-Forwarded-For or CF-Connecting-IP but I can’t find solutions for cwp and this specific problem Kindly guide me on how can resolve this issue I have attached a screenshot for your further help. Regards.

HI, Dear Mr Sandeep I hope you and your honor family are safe and rounded by Gold bless. I have two question about my.cnf what if I add this line into my.cnf: init-connect='SET NAMES utf8' Because I would to support fully UTF8??? second ad you advice I have to remove this line: default_storage_engine = MyISAM or just remove MyISAM from the end of the line??? or I have to remove completely the line??? thank you very much for you answer in advance regards.

Thank you so much it's work perfectly, and it save me. thank you so much from both of your gentleman!