Enable Request Filtering?

Discussion in 'General' started by markb1439, Feb 8, 2011.

  1. markb1439

    markb1439 New Member

    Hi,

    If I am running with mod_security and the Gotroot rules, should I also enable LiteSpeed request filtering? In other words, is that setting required to activate mod_security, or is it a separate thing that will interfere?

    I want the maximum protection, but I want to make sure everything is right.

    Thanks,

    Mark
  2. mistwang

    mistwang LiteSpeed Staff

    No, you do not need to enable request filter if you load Apache httpd.conf, it is controlled by mod_sec configuration in httpd.conf.
  3. mistwang

    mistwang LiteSpeed Staff

    should use 1.9 or 2.0/2.1 ruleset, not the 2.5 ruleset. 2.5 ruleset will be supported in LSWS 4.1 release.
  4. markb1439

    markb1439 New Member

    We are using the gotroot ruleset, and we would not like to revert to anything less secure than that.

    Will there be problems if we keep using those rules?

    When is 4.1 due out?

    Thanks,

    Mark
  5. markb1439

    markb1439 New Member

    Is it okay to use the gotroot rules in the current version of LiteSpeed? I think I saw you say elsewhere that they work, but in this thread you suggest using mod_security 1.9 or 2.0/2.1 rules. (I believe gotroot are 2.5.)

    Thanks,

    Mark
  6. mistwang

    mistwang LiteSpeed Staff

    http://www.gotroot.com/mod_security rules
    1.9/2.0/2.1 rules are still available, just not maintained, without new rules added.
    our next build of 4.1RC4 should be able to work with 2.5 rules, you can give it a try if you want.
  7. hd-sam

    hd-sam Member

    modsec

    Are there any updates to litespeed's support for modsec? Does anyone know if the latest from gotroot.com are fully compatible w/ Litespeed yet?
  8. NiteWave

    NiteWave Administrator

  9. hd-sam

    hd-sam Member

    Thanks... with that document then I assume LiteSpeed is not fully compatible with the latest gotroot rules
  10. NiteWave

    NiteWave Administrator

    should say:
    not 100% compatible with the apache mod_security engine, but for most latest rules which engine is compatible, those rules works fine and more efficient.
    FYI: many of our users are using cPanel, lsws plugin for cPanel, mod_security.
  11. hd-sam

    hd-sam Member

    thanks NiteWave.

    Which set of rules would you recommend downloading then for full compatibility with LSWS and cPanel? Or is there a list of rules we should disable when using the latest gotroot ruleset?

    Thanks!
  12. NiteWave

    NiteWave Administrator

    gotroot ruleset is recommended.

    you needn't disable any rule manually. those not supported rules are skipped automatically. if you find particular supported rules are not executed, please report the issue on forum.

Share This Page