What has to be done to get LSWS WAF work?

[serpent_driver]

I have LiteSpeed WAF enabled, but there is no log file with log level 9?! As I know from ModSecurity in WHM (currently disabled) there are frequently attacks, so why is there no log file with LS WAF? What else has to be done to get it work? Do I have to add rules?

 

[Pong]

Yes, please add some rules https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:waf:standalone

 

[serpent_driver]

Thank you, but what is about this hint? lsws uses apache config file, doesn't it?

 

[Pong]

This LSWS web console settings for LSWS native virtual hosts. On WHM/cpanel, you should not use these settings. Instead, enabling ModSecurity through WHM (which modify the apache configurations).

 

[serpent_driver]

You don't proclaim good news.....

 

[serpent_driver]

For everybody else who has control panel like cPanel/WHM add Comodo rule set to WHM/ModSecurity to extend rule sets:

https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:waf:comodo

 

[winkybil]

It is interesting to think about. I can appreciate it could have a faster response time in the case of a new exploit. Does aws itself run WAF in front of any of its own services that you are aware of? Would it be odd or at least inconsistent if they didn't?






Kodi nox