I noticed the last few days I havent been getting any configserver firewall mod security bans in my mail for my server. So I figured it didnt write to /etc/httpd/logs/audit_log like mod security did. So I went and done some testing with some common exploits I have rules for and didnt get any 403s, I double checked, made sure the request filter was on. Instead of including the mod security rules with an Include in httpd.conf I copied and pasted my blacklist.conf into a new ruleset in the litespeed admin panel., you can see a copy here www.nix101.com/blacklist.conf. It didnt accept the location match directives so I took them out. Went back to testing again, nothing. For example you should get a 403 for awstats probe for the request http://secureservertech.com/cgi-bin/awstats/awstats.pl But if you click the link you notice you only get a 404. Anyway the most important rules I need are the ones for php shells and stuff like that so i definitely need to get this working. Ive looked over any piossibilty of any mistake I could have made and couldnt find anything. Any ideas?