CSF/LFD not blocking IP's triggered by OWASP
Posted: 29 Jan 2025, 00:24
I'm trying to switch over from the Comodo ruleset (Since they are dead now) to OWASP.
CSF/LFD is being used with CWP (Control Web Panel).
Need some help.
I use to get LFD notifications and automatic blocks when using Comodo, but now I get neither.
/etc/csf/csf.conf shows:
I tried changing it to /usr/local/apache/logs/modsec_audit.log, but no joy.
Even tried adding it to CUSTOM3_LOG, no joy.
I see entries from OWAP in the error_log file.
So I 'assume' OWASP is working correctly, CSF is blocking ports and IP's that are in /etc/csf/csf.deny
Thanks
CSF/LFD is being used with CWP (Control Web Panel).
Need some help.
I use to get LFD notifications and automatic blocks when using Comodo, but now I get neither.
/etc/csf/csf.conf shows:
LF_MODSEC = "5"
LF_MODSEC_PERM = "1"
..
..
MODSEC_LOG = "/usr/local/apache/logs/error_log"
I tried changing it to /usr/local/apache/logs/modsec_audit.log, but no joy.
Even tried adding it to CUSTOM3_LOG, no joy.
I see entries from OWAP in the error_log file.
So I 'assume' OWASP is working correctly, CSF is blocking ports and IP's that are in /etc/csf/csf.deny
Thanks