LiteSpeed Technologies
Download Download     Blog Blog     Wiki Wiki     Forum Forum     Store     Contact Contact    

Go Back   LiteSpeed Support Forums > LiteSpeed Web Server > General > mod_security

Reply
Page 3 of 7 12 3 45 Last »
 
Thread Tools Display Modes
  #21  
Old 05-08-2011, 11:30 PM
NC-Designs NC-Designs is offline
Senior Member
  
Join Date: Aug 2010
Posts: 58
Quote:
Originally Posted by mistwang View Post
Those rules should work fine with 4.1 release.
We need to either check it on your server, or copy your configuration to our lab environment to reproduce it.
I have PMed you my email, please could you get back to me on that address so I can provide you with a login so you could take a look?

Regards,
Chris
Reply With Quote
  #22  
Old 05-08-2011, 11:44 PM
sux0r sux0r is offline
Senior Member
  
Join Date: Dec 2009
Posts: 56
I get these errors with the latest gotr00t rule set which i tried.

20_asl_useragents.conf
00_asl_rbl.conf
10_asl_rules.conf



o.O
Reply With Quote
  #23  
Old 05-09-2011, 12:12 AM
NC-Designs NC-Designs is offline
Senior Member
  
Join Date: Aug 2010
Posts: 58
Quote:
Originally Posted by sux0r View Post
I get these errors with the latest gotr00t rule set which i tried.

20_asl_useragents.conf
00_asl_rbl.conf
10_asl_rules.conf

o.O
Yeah I get the Location match authType errors that you are getting.
Reply With Quote
  #24  
Old 05-09-2011, 03:17 AM
NiteWave NiteWave is offline
LiteSpeed Staff
  
Join Date: Sep 2009
Posts: 2,217
please confirm if it's the latest 4.1?
Last-Modified: Tue, 03 May 2011
Reply With Quote
  #25  
Old 05-09-2011, 03:35 AM
NC-Designs NC-Designs is offline
Senior Member
  
Join Date: Aug 2010
Posts: 58
Quote:
Originally Posted by NiteWave View Post
please confirm if it's the latest 4.1?
Last-Modified: Tue, 03 May 2011
Yep Tuesday 3rd May. Just a quick screenie of the errors im getting too -
Reply With Quote
  #26  
Old 05-09-2011, 03:55 AM
sux0r sux0r is offline
Senior Member
  
Join Date: Dec 2009
Posts: 56
Even with the First 4.1 build im getting the errors.
I didnt bother much about it.
Reply With Quote
  #27  
Old 05-10-2011, 10:39 AM
mistwang mistwang is offline
LiteSpeed Staff
  
Join Date: May 2003
Location: New Jersey
Posts: 7,583
The <LocationMatch> issue should be addressed in our 4.1.1 release when you put security rule in native LSWS configuration.

However, for vhost configured through httpd.conf, you should configure mod_security through httpd.conf as if Apache is used.
Reply With Quote
  #28  
Old 05-10-2011, 01:39 PM
sux0r sux0r is offline
Senior Member
  
Join Date: Dec 2009
Posts: 56
Configured ModSec from httpd.conf
And the <LocationMatch> errors disappeared.

These are the errors now whichs regarding 10_asl_rules.conf
From GotRoot Rule set.

Reply With Quote
  #29  
Old 05-23-2011, 08:13 PM
optize optize is offline
Senior Member
  
Join Date: Feb 2010
Posts: 121
No update?
Reply With Quote
  #30  
Old 06-11-2011, 04:22 AM
chernann chernann is offline
Member
  
Join Date: Nov 2006
Posts: 13
Default Gotroot 2.5 modsecurity processing in Litespeed
I signed up for a gotroot subscription and tried the rules as suggested for a cpanel installation, i.e. a relatively light rule set.

While most rules parsed ok, performance on the server was significantly degraded, a normal dynamic page that delivered in 300 milliseconds would take 20 seconds to load. It looks like the mod security implementation needs to be optimized or precompiled in some way, or an apache reverse proxy run in front of litespeed.
Reply With Quote
Reply
Page 3 of 7 12 3 45 Last »

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -7. The time now is 11:02 PM.



- Archive - Top
© Copyright 2003-2011 LiteSpeed Technologies, Inc. All rights reserved. Privacy Policy.