ConfigServer Community Forum

Recently we've added the UptimeRobot IPs from https://uptimerobot.com/inc/files/ips/IPv4andIPv6.txt to our CSF allow list (using "Include" of a separate file). For each IP, we've added icmp|in|d=ping|s=<IP> and tcp|in|d=80,443|s=<IP> . On some servers running CloudLinux 8 with cPanel, we'v...

It seems like LF_APACHE_401 and LF_APACHE_403 don't seem to always work either, so I've built custom rules for all Apache-related LF_* options: # BEGIN - Custom REGEX Rules # mod_security v2 (Apache) if (($config{LF_MODSEC}) and ($globlogs{MODSEC_LOG}{$lgfile}) and ($line =~ /^\[\S+\s+\S+\s+\S+\s+\S...

We've noticed that some Apache-related LF_* rules (LF_APACHE_404 and LF_MODSEC specifically) no longer seem to get triggered. I've simulated multiple 404 errors and triggered random ModSecurity rules, but CSF didn't pick up any of the events, and my non-whitelisted IP address didn't get blocked at a...

This can be closed, as we've found out eventually that part of the scan (including this check) was performed on a CloudFlare IP address instead of our server.

Hello, For some reason on one of our servers the following test of a PCI scan fails: TCP Source Port Pass Firewall PCI Severity Level: The vulnerability is not included in the NVD. VULNERABILITY DETAILS CVSS Base Score: 5 CVSS Temporal Score: 3.6 Severity: 3 QID:34000 Category: Firewall Last Update:...

On April 1st 2024, Google will implement a new pricing model that will significantly reduce the free tier usage of reCAPTCHA and introduce new prices for the reCAPTCHA Enterprise service. A different firewall that we use has developed their own bot protection technology in preparation for this chang...