Modsecurity / Comodo CWAF Litespeed Setup

#1
Hello

I am trying to configure our server to use the comodo cwaf rules with litespeed.
I have a 2 Cpu licence, I have installed cwaf and downloaded the rules according to the comodo guide.
I have added the following lines in our httpd.conf files :

LoadFile /usr/lib64/libxml2.so
LoadModule security2_module /usr/lib/apache/mod_security2.so
Include "/opt/cwaf/etc/cwaf.conf"

Litespeed is starting, the .conf files with the rules are read by the server (I can see it in the logs) but it seems that requests are not filtered.

Did I miss something ? Is there a configuration file somewhare that I miss ?

It seems that there is very few documentation on the litespeed+modsecurity setup. :-(
 

mistwang

LiteSpeed Staff
#2
When you test it, you should use a PHP script, LiteSpeed wont filter static file usually.
Turn on ModSecrity Debug Log to find out what happened.
 
Top