ERROR [ModSecurity] unknown server variable while parsing: MULTIPART_STRICT_ERROR

[webking_amsterdam]

The following error appeared:

ERROR[ModSecurity] unknown server variable while parsing: MULTIPART_STRICT_ERROR

after rebuilding Apache/php to include ModSecurity as well with EasyApache in WHM/cPanel on our VPS with CloudLinux, WHM/cPanel, WHMCS, Installatron, Configserver Firewall and Litespeed.

Can Litespeed be configured to work with ModSecurity I wonder ?

Can we work towards using Comodo Web application firewall ( WAF ) with Litespeed on our VPS and what problems can we expect ?

 

[Michael]

Howdy,

While LSWS does support most of ModSecurity, our support is not 100%. (Part of this is because ModSecurity is always changing. Part of this is because ModSecurity is written for processed-based architecture as opposed to event-driven architecture.)

Check this wiki for the parts of ModSecurity that are unsupported: https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:config:mod_security-compatibility

The error you are seeing just means that that variable is unsupported and will be ignored. This does not affect LSWS's overall ModSecurity compatibility.To put it another way: LSWS works with most of ModSecurity, just not all of ModSecurity.

We don't know of any particular problems with the Comodo WAF. You can certainly use it with LSWS. If you want to know how well it performs, I would start a new thread here or on hosting forums. We don't have firsthand experience using it to host sites.

Cheers,

Michael

 

[webking_amsterdam]

Thank you for your reply !

Latest update: The above posted error warning in Litespeed ( Mod_security related ) have completely disappeared after installing Comodo WAF ( Web Application Firewall ! )

This post covers various questions and our experiences ( + resources ) for installing Comodo WAF on Litespeed !

Usng Comodo WAF with Litespeed was first advised to us by CloudLinux. We learned that Comodo WAF is compatible with Litespeed and gives suitable Modsecurity rules.

-------------------------

First some questions on using Cloudflare, Comodo WAF, modsecurity, configserver firewall, Litespeed with WHM/cPanel and asking whether this combination would be more advisable as it is increasingly (?) used by other webhosting companies:

http://www.litespeedtech.com/support/forum/threads/litespeed-and-wordfence-problem.8948/#post-80088

--quote---

"""Why not just use a provider who uses LiteSpeed (also with caching if needed), CSF, mod_security and Comodo WAF as they pretty much do the same thing. But please correct me if I misunderstood what you meant.

We have been using Comodo WAF (similar to what WordFence, BulletProof etc do) and very happy with it. So far, so good anyway.

More and more providers are starting to use Comodo WAF now."""

( above reply by: HostXNow - http://www.hostxnow.com | VPS Hosting - cPanel/WHM • CloudLinux (Multi PHP) • Offsite Backups • LiteSpeed • Website Builders • Softaculous • Domains • SSL )

www.webbhostingtalk.com/showpost.php?s=a7d718406d9ae31f1adf392728aeeed8&p=9094791&postcount=4


----end of quote---

-------------------------------------------------------------------

The link below post is a part of a discussion thread on using the Wordfence plugin on WordPress together with Litespeed webserver:

http://www.webhostingtalk.com/showthread.php?t=1369769

--------------------------------------------------------------------

Before installing Comodo WAF we had some important questions to be answered:

(1) What to do with Configserver Firewall ( without any add-ons) already installed on our VPS when wanting to also deploy Comodo WAF ?

Should we see Comodo WAF as a complete replacement of Configserver Firewall or what ?

The answer is YES we can leave it installed on our VPS as it will work together with Comodo WAF !

See the below weblink(s) for more info on this and our install experiences:

http://www.webhostingtalk.com/showthread.php?p=9166801&posted=1#post9166801

( see posts of webking57 and reply by danami )

http://forums.comodo.com/free-modse...-litespeed-t102938.0.html;msg765716#msg765716

( the above link for some additional questions after having installed WHM/cPanel Comodo plugin etc. )


(2) Our Question will Modsecurity would work well with Litespeed in view of a multitude of (confusing) postings is now cleared !

The answer is YES !

--------------------------------------------------------------------------------

Useful information and resources for installing Comodo WAF and its WHM/cPanel plugin:

http://help.comodo.com/product-212-Comodo-Free-Mod-Security-Rules.html ( general: help guide )

http://help.comodo.com/topic-212-1-514-5928-.html

http://help.comodo.com/topic-212-1-514-5932-the-administration-console---the-main-interface.html

http://help.comodo.com/topic-212-1-514-5933-deploying-cwaf-rules-on-server.html

http://help.comodo.com/topic-212-1-514-5937-installing-the-agent-for-cpanel-plug-in.html

http://help.comodo.com/topic-212-1-514-5938-using-cpanel-plug-in-for-firewall-configuration.html