ConfigServer Community Forum

Hi,

Currently the ModSecurity Log page doesn't update automatically, it would be nice to have a way to auto refresh the page just like the Watch Logs feature within ConfigServer Security & Firewall.

The next improvement that would make a huge difference is simply adding a column for Status to tell us if it's a 200, 403... etc. The same way how cPanel's Mod Security Hits list has the column...

Hi.
I use a lot the CMC and the page to see the LOGs, I think it needs a new design. Something like the one that you do with MailControl.

Right now I only can see one or two lines of the log as all the header is so big and consumes a lot of wasted space.

Can you, please take a look at this.

Best Regards,
Sergio

Hi guys,

We run a bunch of cPanel servers where we use the cPanel Mod_security vendor functionality, and there we include the Comodo WAF ruleset (

To control Mod_security further we use the CMC, since we can disable rules per site level if we want to.

One rule though (ID 220030) we disable globally through CMC, because the rule only applies to PHP versions before 5.4.2 (not something we...

Hello,

What about making a Auto Update on cmc as you have on csf/lfd?
Or setup a cron job so it get automatically updated? :)

Occasionally we use Modify User Whitelist to disable Mod Security for a customer, as part of some troubleshooting. Sometimes we forget to turn it back on. :-(

I would like to see something obvious on the main CMC page, that makes it clear that there are users that are currently whitelisted. Short of that, if there was a place we could go to in CMC to at least see which users are whitelisted,...

Hi Jonathan / Sarah,
what file may I have to tweak in order to have the country code with IP on the CMC log?

It will be great to have the IP and 2 letter country code, so, in a glance we can see what country that IP belongs to.

If it is not possible to add it to the script, may I can have the command to add it myself?

Thanks a lot in advance.

Regards,

Sergio

Hi
i suggest please release DirectAdmin Version for this Plugin !!!
tnx

Hi Jonathan,
it will be nice that the page that shows ModSec errors could be reloaded in an interval of time that will help us to debug any error a customer on a false positive could have.

It will be nice that we could modify that time interval.

Regards,

Sergio

Hey,

I was just using CMC and it doesnt give a 'idiots guide' of how to set it up like CSF does? Could we either make one or try making it easier?

I see you can disable a ar rule ID by domain, but is there a way by directory?
Either on a per domain basis like
/home/username/public_html/foldername/

or for a directory server wide like
/home/*/public_html/foldername

If this cannot be done through cmc, is there a way manually, and could this be added to cmc?

Thanks!

Tom

This is a long term one perhaps...

I was working through mod_security logs and thinking 'I wonder which sites and which rules are getting the most attention?'.

So, how about some kind of statistics tracking for sites and rules. It'd help with security if we knew which sites get hit a lot and which rules are being triggered.