CSF Firewall

mistwang

LiteSpeed Staff
#4
Yes, CSF need to be configured to parse error log file for detected IP attacking the server.
We will leave it for CSF developer or someone familiar with their regex setup.
 
#5
Any other firewalls you recommend that may work better with lite speed? APF maybe or does it work fine without any other firewall and just iptables?
 

ffeingol

Well-Known Member
#9
At last look LSWS writes out the 'mod_security' records slightly differently than actual mod_security. This causes CSF to not parse/pick up the LSWS mod_security log records. I can post more details if necessary.
 
#12
Is there a new version of lite speed 4.0.12 or is this fixed in this version already? It says it can not reinstall.

Error: Failed to download release 4.0.12!
 

Tony

Well-Known Member
#14
At last look LSWS writes out the 'mod_security' records slightly differently than actual mod_security. This causes CSF to not parse/pick up the LSWS mod_security log records. I can post more details if necessary.

Do the new versions for you pick up everything? I'm trying to rule out if it's our rules causing nothing to show up in logs or if it's more bugs as far as LSWS mod_security functionality replication.
 

mistwang

LiteSpeed Staff
#15
There was bug in our mod_security implementation, which may skip some rules for audit logging, it should have been addressed in our 4.0.12 release.
 
Top